Responsibilities:
- Develop, maintain, and implement a comprehensive company-wide cybersecurity strategy that aligns with the company's business objectives and industry best practices.
- Drive the product and enterprise security to protect services and presence, customer data, and corporate data.
- Adopt a hands-on approach to app security and enterprise security, delegating when necessary.
- Oversee security governance, risk management, and compliance programs to ensure adherence to relevant regulations and standards.
- Ensure compliance for SOC 2/3, State/Federal RAMP authorizations, along with other compliance standards as required.
- Develop, implement, and maintain company-wide information security policies and procedures taking into account security operations, applications security, and information security.
- Ensure the highest level of data security and privacy for customer and corporate data, including encryption, access controls, and data classification.
- Develop and maintain a robust security architecture that encompasses network security, application security, cloud security, and endpoint protection.
- Manage relationships with vendors, external partners, and stakeholders to ensure the security of third-party solutions and services.
- Communicate effectively with other executives and board members about information security-related matters.
- Recruit, manage, and mentor a high-performing information security team. Promote a culture of continuous learning and adaptation to emerging security threats and technologies.
Profiencies:
- Define and effectively deliver the cybersecurity roadmap aligned with organizational goals and industry best practices.
- Provide leadership and guidance to the cybersecurity team, ensuring a proactive and risk-based approach to cybersecurity.
- Conduct regular risk assessments to identify potential threats and vulnerabilities.
- Implement and maintain effective risk mitigation strategies to protect sensitive information.
- Design, implement, and maintain a robust cybersecurity architecture that aligns with industry standards and regulatory requirements.
- Oversee the deployment and management of security and compliance technologies, ensuring optimal performance and effectiveness.
- Develop and maintain an incident response plan to address cybersecurity incidents promptly and effectively.
- Lead and coordinate response efforts during cybersecurity incidents, working closely with relevant stakeholders.
- Implement a comprehensive security awareness and training program for employees, ensuring a strong cybersecurity culture across the organization.
- Evaluate third-party vendors and their cybersecurity practices to mitigate potential risks to the organization.
Education and Experience:
- 15 years of experience with 4 years of experience in a lead role with increasing levels of responsibilities.
- Experience scaling a security program in a fast-paced environment.
- Ideal experience includes working at a start-up or a technology company that has gone through a period of fast growth.
- Experience in developing security functions and maturity in a fast-paced global organization, mitigating critical security risks and implementing security technologies.
- Strong knowledge in the area of operational risk management in the financial industry.
- Experience leading security for a global enterprise company.
Salary:
$165,500 - $197,300/Annually, depending upon experience and location.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.
#J-18808-Ljbffr
