General Responsibilities
- Develop / maintain / implement a comprehensive company-wide cybersecurity strategy that aligns with the company's business objectives and industry best practices
- Drive the product and enterprise security to protect services and presence, customer data, and corporate data
- Have a hands-on and delegate when needed approach to app security and enterprise security.
- Oversee security governance, risk management, and compliance programs to ensure adherence to relevant regulations and standards
- Ensure compliance for SOC 2 / 3 , State / Federal RAMP authorizations, along with other compliance standards as required
- Develop, implement, and maintain company-wide information security policies and procedures taking into account security operations, applications security, and information security
- Ensure the highest level of data security and privacy for customer and corporate data, including encryption, access controls, and data classification
- Develop and maintain a robust security architecture that encompasses network security, application security, cloud security, and endpoint protection
- Manage relationships with vendors, external partners, and stakeholders to ensure the security of third-party solutions and services. Communicate effectively with other executives and board members about information security-related matters
- Recruit, manage, and mentor a high-performing information security team. Promote a culture of continuous learning and adaptation to emerging security threats and technologies.
PROFICIENCIES
- Define and effectively deliver the cybersecurity roadmap aligned with organizational goals and industry best practices.
- Provide leadership and guidance to the cybersecurity team, ensuring a proactive and risk-based approach to cybersecurity
- Conduct regular risk assessments to identify potential threats and vulnerabilities.
- Implement and maintain effective risk mitigation strategies to protect sensitive information.
- Design, implement, and maintain a robust cybersecurity architecture that aligns with industry standards and regulatory requirements.
- Oversee the deployment and management of security and compliance technologies, ensuring optimal performance and effectiveness.
- Develop and maintain an incident response plan to address cybersecurity incidents promptly and effectively.
- Lead and coordinate response efforts during cybersecurity incidents, working closely with relevant stakeholders.
- Implement a comprehensive security awareness and training program for employees, ensuring a strong cybersecurity culture across the organization.
- Evaluate third-party vendors and their cybersecurity practices to mitigate potential risks to the organization while offering clear and collaborative workflow steps and requirements to complete the approval of third-party vendors.
Education And Experience
- 15 years of experience with 4 years of experience in a lead role with increasing levels of responsibilities
- Experience scaling a security program in a fast-paced environment.
- Ideal experience would be experience working at a start-up or a technology company that has gone through a period of fast growth.
- Experience in developing security functions and maturity in a fast-paced global organization, mitigating critical security risks and implementation of security technologies
- Strong knowledge in the area of operational risk management in the financial industry
- Experience leading security for a global enterprise company.
SALARY
$165,500 - $197,300/Annually, depending upon experience and location
