VP of Information Security

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 12+ years of progressive experience in information security, with at least 5 years in a senior leadership role.
• Proven experience in developing and executing an enterprise-wide, global information security program.
• Demonstrated experience in managing security incidents and leading crisis response efforts.

Nice To Haves

• Bonus points for experience leading one or more of HiTrust, ISO, SOC, FedRamp/GovRamp audits.
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified in Risk and Information Systems Control (CRISC)
• Certified Chief Information Security Officer (CCISO)

Responsibilities

• Develop, implement, and maintain a comprehensive, long-term, global information security strategy aligned with business objectives and risk tolerance.
• Refine and enforce security policies, standards, and procedures across the organization.
• Report on the organization's security posture and risk profile to the executive team and the Board of Directors.
• Establish and lead the security operations center (SOC) and incident response teams.
• Develop and execute an incident response plan to ensure swift detection, containment, and recovery from security breaches.
• Oversee the management of security technologies.
• Provide strategic direction for the design and implementation of secure enterprise and cloud infrastructure.
• Stay current with emerging cybersecurity threats, technologies, and best practices.
• Evaluate and recommend new security technologies and services to enhance the organization's defenses.
• Lead the identification, assessment, and mitigation of security risks and vulnerabilities.
• Ensure the organization's compliance with relevant industry standards and regulatory frameworks (e.g., GDPR, HIPAA, ISO 27001, SOX).
• Manage and assess the security risks associated with third-party vendors and partners.
• Continue hardening vendor risk management program to ensure supply chain security.
• Mentor, and lead a high-performing information security team.
• Continue fostering a culture of cybersecurity awareness across all departments through training and communication programs.
• Maintain strong working relationships with cross-functional teams, including DevOps, IT, Legal, Privacy, Engineering, Data and integrate security into business processes.

Benefits

• Comprehensive healthcare coverage (including medical, dental, vision, FSA/HSA, life and disability insurances)
• Lyra for Lyrians; coaching and therapy services
• Equity in the company through discretionary restricted stock units
• Competitive time off with pay policies including vacation, sick days, and company holidays
• Paid parental leave
• 401K retirement benefits
• Monthly tech allowance
• We like to spread joy throughout the year with well-being perks and activities, surprise swag, free food, regular community celebrationâ ¦and more!