• Develop and Drive Information Security roadmap to achieve compliance and risk management objectives
• Provide strategic and tactical leadership for the Information Security organization
• Perform program management and governance for Information Security initiatives, ensuring successful outcomes
• Create, maintain, and enforce enterprise security standards, policies, procedures, patterns, and documentation
• Design and maintain strategic plans and execute upon technology roadmaps to protect organization information assets
• Work with IT leadership to establish a vision for the Information Security functions and standards
• Anticipate and advance technical controls that enhance our ability to protect, detect, and respond to changing threats
• Responsible for defining security capabilities to protect company information assets that is supported by a strategy and roadmap
• Engage with stakeholders in support of the organization and be an advocate for Information Security controls across the organization
• Participate in new system implementation projects to ensure that appropriate security controls are built into systems prior to “go-live”
• Drive process improvement and control implementation projects in coordination with the IT department and other functions
• Partner with stakeholders across the organization to understand their strategic objectives, technology dependencies, and emerging trends to lead and collaborate on building security solutions into new systems
• Develop, maintain, and execute an enterprise-wide security strategy and roadmap
• Build strong relationships and work with business counterparts, and leaders across the organization in defining the Cybersecurity program and solutions strategy, as well as the future roadmap for new capabilities

Education

​

• Four-year bachelor’s degree required

​

Skills & Relevant Work Experience

​

• 15+ years’ experience in information Security
• Experience building security architectures for applications and systems deployed on or with the following technologies: SaaS, IaaS, PaaS, Microservices, Azure, AWS, Microsoft Windows Active Directory, Entra, SQL Server
• Ability to drive standards to achieve a secure environment with deep knowledge of IP based protocols
• Deep understanding of modern security architecture best practices
• Knowledge of Software Security Architecture and Design and the ability to clearly articulate best practices
• Strong working knowledge of application security, network security, security technologies and complex system threat modeling
• Experience formulating and prioritizing security requirements according to the organization's risk
• Proven experience technical lead organizing and mentoring Managers and Directors
• Working knowledge of security compliance standards (NIST, CMMC, GDPR, CCPA, ISO, PCI, SOC 2, etc.)
• Ability to exercise sound judgment with strong written and verbal communication skills

EOE M/F/D/V