VP Information Security

Lamb Weston HoldingsEagle, ID
74d$258,620 - $387,940
Match Resume

About The Position

The VP Information Security at Lamb Weston serves as the primary point of contact for information security and is responsible for oversight of enterprise-wide IT Information Security vision, strategy, policy, operations, risk management, and business continuity. We are seeking individuals who have demonstrated success transforming, growing, and continuously improving the cyber security function within a diverse, decentralized model through expertise and influence. The candidate should have experience working with and managing key vendor partners as part of an extended team. The ideal candidate should possess deep technical expertise with specific experience working with cybersecurity best practices and frameworks (ISO/IEC, 27001, NIST 800-53, SOX 404, COBIT) across multiple platforms. Experience working in a senior leadership security role for a publicly held company, creating and evolving an Information Security organization, and experience working for a global organization are required. Breadth of experience in these areas, as well as strong leadership and influencing capabilities are required. Demonstrated experience leading teams in a dynamic environment while meeting customer requirements is necessary. This role will provide vision and leadership necessary to manage information security risk to the organization to ensure business alignment, effective governance, operational efficiency, performance monitoring and measurement, and business continuity. Provide executive level decision support through both informal and formal means, including but not limited to executive level metrics, dashboards, risk analysis and mitigation, risk acceptance, and risk reporting. This role will also report, escalate, and remediate IT risk and compliance related issues, working in collaboration with corporate compliance, internal audit, and various technical teams in the design, maturity, and implementation of audit, risk assessment, and regulatory compliance practices and documentation for IT. This position will advise and lead a matrixed direct and in-direct team of IT professionals and analysts knowledgeable in business activities to meet user information needs and the strategic goals of the organization.

Requirements

  • Demonstrated experience with various information security controls, including secure network architecture, access paths, ERP and mainframe security, global security & cybersecurity laws, systems security, encryption systems, and database security.
  • Experience designing and maintaining information security policies and procedures, that are informed by the needs of the business.
  • Develop and implement a multi-year information security roadmap and plan, which includes metrics to measure performance.
  • Deep knowledge and experience with security and regulatory compliance as well as external audits.
  • Proven track record and experience in developing information security policies and procedures as well as successfully implementing programs.
  • Abreast of new tools and technologies related to OT & IT security.
  • Experience working in a senior leadership security role for a publicly held company.
  • Able to interpret technical security details and properly translate those into business terms for Executive leadership.
  • Proven analytical ability to solve complex business and technical problems.
  • Strong interpersonal skills to effectively collaborate with internal/external customers, senior management, and the Board of Directors.
  • Ability to cultivate networks with people from across a variety of business units, technology disciplines, operational functions, and locations.
  • Transparent leader with the ability to work in ambiguous situations.
  • Strong people leader and developer of talent.
  • 10+ years of experience in a senior level information security and risk management role required.
  • Bachelor's degree or equivalent in Information Security, Computer Science, or related fields. Masters preferred.
  • CISSP, CISM, CRISC or other security certifications preferred.
  • Strong understanding of regulatory requirements and industry standards (e.g., ISO 27001, NIST, GDPR).
  • Thrive in a diverse, fast paced, autonomous and decentralized environment.
  • Ability to travel independently, both domestically and internationally, up to 25% of the time may be required.

Responsibilities

  • Develop, implement, and maintain a comprehensive enterprise security strategy roadmap.
  • Develop and mature the company's information security program, ensuring compliance with relevant regulations and standard methodologies.
  • Proactively monitor, evaluate, and implement standard methodologies related to enterprise information security practices.
  • Monitor the external threat environment for emerging threats and advise relevant business partners on the appropriate course of action.
  • Collaborate with senior leaders and departments to assess risks, coordinate mitigation efforts, establish internal controls, respond to incidents, and manage shared concerns.
  • Serve as an expert advisor to executive leadership in the development, implementation, and maintenance of a strong information privacy and security program.
  • Evaluate effectiveness of information security, privacy, and business continuity planning programs and procedures of third parties.
  • Develop, maintain, and routinely exercise breach and ransomware approaches and processes.
  • Identify and mitigate security events and incidents, compliance issues, operational inefficiencies, application vulnerabilities, network/infrastructure, and other vulnerabilities.
  • Review and evaluate technology and incoming new vendors for future risks and opportunities to improve IT security.
  • Establish Information Security guidance for the Enterprise Architecture team and approve designs and strategies.
  • Provide strategic risk guidance for the company's IT projects, including the evaluation and recommendation of technical controls.
  • Continuously improve a vulnerability management program which includes automated vulnerability scanning, customized vulnerability assessment, and penetration testing.
  • Create and communicate a risk-based process for vendor risk management, including assessment and treatment for risks.
  • Perform risk assessments and maintain the risk register.
  • Oversee user access/provisioning for various systems used by the company.

Benefits

  • Health Insurance Benefits - Medical, Dental, Vision
  • Flexible Spending Accounts for Health and Dependent Care, and Health Reimbursement Accounts
  • Well-being programs including companywide events and a wellness incentive program
  • Paid Time Off
  • Financial Wellness - Industry leading 401(k) plan with generous company contributions, Financial Planning Services, Employee Stock purchase program, and Health Savings Accounts, Life and Accident insurance
  • Family-Friendly Employee events
  • Employee Assistance Program services - mental health and other concierge type services

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Executive

Industry

Food Manufacturing

Education Level

Bachelor's degree

Number of Employees

5,001-10,000 employees

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service