VP, Security

Stax-posted about 1 hour ago
Full-time • Executive
Onsite • Orlando, FL
51-100 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

The VP, Security is a key executive leader responsible for advancing Stax's enterprise security posture across cloud infrastructure, applications, identity and access management, and compliance frameworks. This role oversees all security operations, vulnerability management, audit programs (PCI DSS, SOC 1, SOC 2), and the strategic integration of security tools and controls. The VP, Security directs cross-functional teams, establishes security governance, and ensures alignment between Technology, Engineering, IT, Product, and Compliance on security strategy and execution. This position requires executive presence, hands-on cloud security expertise, and demonstrated ability to manage complex security transformations and third-party vendor relationships.

  • Compliance, Audit & GRC Leadership
  • Own and oversee Stax's PCI DSS and SOC 2 audit programs, ensuring successful annual execution, evidence collection, and remediation planning in partnership with external auditors
  • Lead implementation and oversight of the SOC 1 audit program (Budget allocated for 2026) and coordinate requirements across all relevant business units
  • Establish and maintain comprehensive security governance frameworks aligned with PCI DSS, SOC 1, and SOC 2 requirements
  • Drive continuous improvement in audit readiness, control testing, and documentation to reduce remediation cycles
  • Serve as executive liaison to external auditors, ASVs, and compliance partners
  • Cloud Security Architecture & AWS Governance
  • Drive automation of security controls through Infrastructure-as-Code and AWS native capabilities
  • Align AWS security posture with PCI encryption and network segmentation requirements
  • Partner with Engineering and Cloud Architecture teams to embed security controls into CI/CD pipelines and deployment workflows
  • Security Operations & Threat Detection
  • Direct Security Operations Center (SOC) activities and incident response programs, including: Splunk for SIEM, log analytics, and security event management, CrowdStrike for endpoint detection and response (EDR) and threat hunting, ReliaQuest for managed security services and SOC expansion, Cloudflare for DDoS mitigation, WAF, and perimeter security
  • Ensure continuous improvement in detection capabilities, response playbooks, and mean-time-to-respond metrics
  • Oversee Security Operations team (Jose Alvarado lead) and secure additional resources as needed for scaling operations
  • Maintain operational readiness and cross-training across Splunk, CrowdStrike, ReliaQuest, and Cloudflare platforms
  • Vulnerability Management & Remediation
  • Oversee comprehensive vulnerability management program using: Tenable for external vulnerability scans (ASV) to ensure PCI compliance, Qualys for enterprise internal vulnerability scanning and analysis, AWS Inspector for cloud-native vulnerability discovery, Snyk for Software Composition Analysis (SCA) and source code vulnerability detection, SonarQube for static application security testing (SAST) and code quality analysis, Aikido for runtime application security and CI/CD pipeline integration
  • Monitor and report on vulnerability metrics, including remediation coverage across Stax Bill, BlockChyp, and other key platforms
  • Implement blocking policies for critical vulnerabilities in deployment pipelines (in coordination with Aikido rollout)
  • Ensure remediation accountability across CMD teams and engineering organizations
  • Identity, Access & Authentication
  • Own Okta security posture and oversee all Okta upgrade initiatives, including: Okta FastPass passwordless authentication rollout and adoption, Okta governance and access control policy enforcement, Coordination of PCI requirements with IT and Compliance teams
  • Establish and enforce least-privilege access principles across all systems and cloud environments
  • Partner with IT to maintain Okta security hardening and MFA enforcement
  • Application & Code Security
  • Oversee GitHub Enterprise security transition to CMD team, ensuring: Code repository security controls and access governance remain aligned with compliance, Executive sponsorship for budget, training, and organizational adoption
  • Drive integration of security scanning tools into CI/CD pipelines: Snyk for dependency and composition analysis, SonarQube for SAST and code quality, Human Security for secrets detection and protection, Aikido for runtime protection and deployment gating
  • Ensure all security scanning policies and deployment gates are enforced and monitored
  • Endpoint, Mobile & Data Protection
  • Own endpoint and device security strategy, including: CrowdStrike for EDR and continuous endpoint monitoring, Jamf for macOS device management and compliance enforcement, Microsoft Intune for Windows and mobile device management, Security policy enforcement and remote wipe capabilities
  • Oversee Mimecast email security and cross-train teams on operations and threat handling
  • Lead Zscaler DLP rollout and data loss prevention capabilities across the organization
  • Manage VDI security strategy and access controls for sensitive environments
  • Network & Physical Security
  • Lead Network Hardening (Portnox) project through legal review and coordinate rollout with IT teams
  • Provide executive sponsorship and direction for Orlando Office Access Control implementation
  • Own perimeter security strategy using Cloudflare, AWS WAF, and AWS Shield Advanced
  • Security Awareness & Training
  • Direct KnowBe4 security awareness and phishing campaign program
  • Ensure annual security training compliance across all employees in partnership with HR
  • Establish metrics for phishing click rates, training completion, and user security awareness improvement
  • Netskope & Advanced Network Security
  • Oversee Netskope Zero Trust Network Access rollout: Coordinate resume of rollout across Engineering, QA, and Executive teams, Work with executive sponsors to unblock adoption challenges, Align Netskope security policies with zero-trust access principles
  • Human Security & Application Integrity
  • Oversee Human Security rollout across development applications and infrastructure
  • Coordinate rollout completion to BlockChyp and other remaining applications
  • Leverage Human Security for secrets management and insider threat prevention
  • Team Leadership & Development
  • Build and lead a high-performing security team spanning Cloud Security, Application Security, Security Operations, Vulnerability Management, and Governance, Risk & Compliance (GRC)
  • Establish clear accountability, KPIs, and career development paths for team members
  • Conduct regular one-on-ones, mentoring, and performance management
  • Foster a culture of proactive security and compliance across the organization
  • Represent security at executive and board-level discussions and strategy sessions
  • Key Relationships & Stakeholder Management
  • Chief Technology Officer (CTO): Direct reporting relationship; executive alignment on security strategy and resource needs
  • CMD Team: Oversee GitHub Enterprise transition, coordinate SCA/SAST tool integration
  • VP Finance: Budget planning, vendor negotiations, and compliance-related spending
  • Chief Compliance Officer / Audit: Partner on PCI, SOC 1, SOC 2 program execution and external auditor coordination
  • HR: Security awareness training, phishing program coordination, and employee onboarding security
  • 10+ years in enterprise or cloud security leadership roles
  • Minimum 5 years in a Vice President, Director, or equivalent executive-level security position
  • Demonstrated expertise managing AWS security services and cloud-native threat detection (GuardDuty, Security Hub, WAF, Shield)
  • Proven track record successfully leading PCI DSS and SOC 2 compliance programs through audit cycles
  • Experience building, leading, and scaling security teams (minimum 5 people)
  • Strong understanding of vulnerability management, remediation workflows, and security metrics
  • Demonstrated ability to manage complex security tool integrations and multi-vendor environments
  • Executive presence and communication skills for board-level presentations and stakeholder alignment
  • Deep technical knowledge of SIEM platforms (Splunk preferred) and SOC operations
  • Familiarity with identity and access management (Okta, Azure AD, or equivalent)
  • Understanding of Zero Trust architecture and network access controls
  • Knowledge of endpoint security and EDR platforms (CrowdStrike preferred)
  • Experience with application security tools and CI/CD pipeline security
  • PCI DSS compliance requirements and audit frameworks
  • SOC 2 Type II audit requirements and control frameworks
  • AWS IAM, networking, encryption, and infrastructure security best practices
  • CISSP (Certified Information Systems Security Professional)
  • CISM (Certified Information Security Manager)
  • AWS Certified Security – Specialty
  • CCSK (Certified Cloud Security Knowledge)
  • PCI Qualified Security Assessor (QSA) or related compliance certification
  • Comprehensive benefits package including health insurance, 401(k), Open PTO, professional development budget
Track Jobs with Teal

Job Search Resources

Resume Builder
Resume Examples
Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service