VP IT Information Security & Audit

About The Position

Requirements

• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field; or equivalent experience.
• 15+ years of progressive experience in cybersecurity, information security, IT risk, or audit roles.
• Proven experience leading enterprise security programs in complex, regulated environments.
• Strong understanding of cloud security, particularly Microsoft Azure and SAP landscapes.
• Experience managing third-party security providers, MSSPs, and audit partners.
• Demonstrated ability to communicate complex technical and risk concepts to executive and business audiences.

Nice To Haves

• Advanced degree (MBA, MS in Cybersecurity, or similar).
• Relevant certifications such as CISSP, CISM, CISA, CRISC, or equivalent.
• Experience in manufacturing, food & beverage, consumer packaged goods, or industrial environments.
• Familiarity with OT/ICS security and plant-floor technology risks.
• Exposure to AI use cases related to IS

Responsibilities

• Define and execute the enterprise cybersecurity and information security strategy aligned with business objectives and risk tolerance.
• Protect enterprise systems, networks, applications, cloud platforms, and operational technology (OT) environments from cyber threats.
• Oversee security architecture and controls for SAP on Azure and Microsoft-based data and analytics platforms.
• Lead threat detection, incident response, vulnerability management, and security operations, leveraging internal capabilities and third-party partners.
• Establish and maintain security standards, policies, procedures, and technical controls across the enterprise.
• Partner with Infrastructure, Applications, Data & Analytics, and OT teams to embed security into system design and operations.
• Own the enterprise privacy and data protection program, ensuring compliance with applicable privacy and data protection laws and regulations.
• Develop and maintain policies and processes for data classification, data handling, retention, and protection.
• Partner with Legal, HR, and business leaders to manage privacy risk related to customer, consumer, employee, and supplier data.
• Oversee privacy risk assessments, third-party privacy reviews, and incident response related to data privacy events.
• Lead the IT controls and audit function, including internal IT audits, controls testing, and coordination with internal and external auditors.
• Ensure the effectiveness of IT general controls (ITGCs) supporting financial reporting, operational resilience, and regulatory compliance.
• Own and employ technology risk management practices, including risk assessments, remediation tracking, and executive reporting.
• Support enterprise risk management (ERM) initiatives by providing cybersecurity and technology risk insights.
• Lead and develop a high-performing team across cybersecurity, information security, privacy, and IT audit disciplines.
• Manage a hybrid delivery model with several security and audit functions provided by trusted third-party partners.
• Set clear goals, performance expectations, and development plans for team members.
• Manage departmental budgets, vendor relationships, and service-level expectations.
• Serve as a trusted advisor to the CIO and IT leadership team on cybersecurity, privacy, and technology risk matters.
• Regularly report on cybersecurity posture, risk levels, incidents, and compliance status to executive leadership.
• Establish and maintain governance forums, metrics, and dashboards to support informed decision-making.
• Stay current on emerging threats, regulatory changes, and industry best practices relevant to food manufacturing and global supply chains.