VP Information Security Job Description
VP Information Security Duties & Responsibilities
To write an effective VP information security job description, begin by listing detailed duties, responsibilities and expectations. We have included VP information security job description templates that you can modify and use.
Sample responsibilities for this position include:
VP Information Security Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for VP Information Security
List any licenses or certifications required by the position: CISSP, CISA, CRISC, SANS, GIAC, CEH, CISM, CSSLP, CSP, GSEC
Education for VP Information Security
Typically a job would require a certain level of education.
Employers hiring for the VP information security job most commonly prefer that their future employee have a relevant degree, such as a Bachelor's and Master's Degree in Computer Science, Information Security, Information Technology, Business, Engineering, Technology, Information Systems, Management, MBA, Education
Skills for VP Information Security
Desired skills for VP information security include:
Desired experience for VP information security includes:
VP Information Security Examples
VP Information Security Job Description
- Functioning as the IT liaison with senior leaders and Internal/External Auditors on Intellectual Property, SOX and other regulatory engagements
- Ensure alignment with the key business stakeholders
- Working with board and governance committees to determine acceptable levels of information security risk for the organization and ensuring that information security is managed effectively and efficiently in terms of program evaluation, reporting and cost management
- Setting, implementing and continuing evaluation of consistent standards for IT security operations and support
- Execute and coordinate the Firm’s Information Security Program (ISP) activities
- Continually enhance the IHC information security strategy
- Ensure the information security policies and procedures are aligned with the company goals and objectives
- Participate in and lead high priority information security projects with the ability to identify risks at an executive and company-wide level
- Coordinate and manage Regulatory Exams and Reporting requirements
- Engage with all levels of management to create and present executive presentations outlining the status of initiatives, operational metrics, areas of identified risks, mitigation strategies, alignment with industry standards, and compliance with necessary regulations, such as FFIEC
- Relevant certifications (CISSP, CISM, CISA, etc.) are desirable
- Minimum of five years experience demonstrating expertise in relevant information security technologies such as Data Leakage Protection, Encryption, Operating System and Application Security and other appropriate areas
- Good knowledge of and experience with Windows- and Linux-based authentication products and services
- Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA), preferred
- Ability to connect and interact with other departments & customers – Face of Engineering (Product Management/Product Owners, Hardware, Sales, Marketing)
- Candidates holding a current CISSP qualification are preferable
VP Information Security Job Description
- Assist teams in responding to auditors and regulators to demonstrate compliance with policies, Service Level Agreements, contractual obligations and applicable regulations
- Work with risk management teams to ensure clear understanding of objectives and prioritization of activities
- Assist and lead training for other regional organizations in information security practices and provide guidance for implementation
- Partner with existing operations teams to understand requirements, level of detail and practical usability of existing and target data sets
- Work with operations, services & engineering to identify clear boundaries between data domains, define models, and to rationalize common data elements to normalized name and value forms
- Establish & incubate common data models and vocabularies to enable assessment of control gap, control effectiveness, investment return and overall trending of spend to incident outcomes
- Assist product team in driving clear roadmaps for major data producers and consumers to align on common critical data element definitions and systems of record
- Manage a team of associates and (potentially) onsite and offsite contractors to monitor for and respond to security events 24x7x365
- Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention)
- Automate repetitive tasks and drive efficiencies so analysts can work on more advanced tasks
- Ability to multi-task, present to executive staff members, and maintain decorum in high-pressure situations
- Master's Degree in Cybersecurity or equivalent degree
- Ensures escalation and notification for security and IT Risk related issues
- Participates in a “State of Health” program for the business, including reporting, planning and prioritization of key risks
- Participates as required in support of all strategic objectives established by the CIO and his team
- Ensures full participation in Audit programs assisting business in identifying technology based controls
- Comprehends Federal and Industry based regulations alignment to technology controls
VP Information Security Job Description
- Evaluate and update SOC policies and procedures as appropriate
- Develop metrics and scorecards to measure risk to the organization, effectiveness and efficiency of SOC associates
- Partner with the security engineering team to improve tool usage and workflow, with the advanced threats and assessment team to mature monitoring and response capabilities
- Manage career development for a team of associates, including training and mentoring, conducting performance reviews and exhibiting behaviors to be modeled by team members
- Develop skills and capabilities for associates, ranging from interns to Senior analysts
- Oversee staff responsible for Threat and Incident Response, Forensics, Vulnerability Assessment and Architecture
- Organization, preparation and coordination of business travels incl
- Prepare management presentations, organize and prepare meetings, coordinate agendas, conduct analyses and summaries
- Follow-up and implementation of decisions
- Support global expert teams in projects implementing strategic business decisions and goals
- High degree of personal integrity and ethics; passion for securing data systems and networks
- 5-10 years hands-on progressive experience in configuring, maintaining, testing and deploying firewalls in a heterogeneous environment
- Experience working with appliance based firewalls (SRX and Fortinet Firewalls), preferably with lab testing, product evaluations and engineering
- Strong scripting skills in Python, Perl, shell and/or PowerShell
- Expertise in engineering layered DoS and DDoS network-level protection solutions that can detect and respond to attacks at various layers of the infrastructure
- Experience working with Red Hat Enterprise Linux is a plus
VP Information Security Job Description
- Creation of all relevant presentations
- Project-Support, coordination of consulting services, invoice auditing
- Cost Center administration, monitoring, budget and payment controlling
- Preparation, coordination and organization of all kinds of trainings and campaigns, care of the participants, creation of participation certificates and maintenance of the data stock of e-learning programs, communication interface for all departments
- General administrative management (filing & document management)
- Maintenance of the Tower intranet presentation in collaboration with marketing
- Lead the security governance model by following industry best practices such as ISO 27002, NIST Cyber Security Framework, or NIST 800-53 to achieve desired security maturity model
- Manage the executive dashboard reporting on Cyber Security events and trends and publish to senior management and key stakeholders
- Lead multiple, complex projects and/or technology initiatives
- Work in partnership with all stakeholders to develop/update policies and procedures that accurately reflect business requirements and align to industry leading security practices
- Ability to make informal presentations, inside the organization
- 10+ years of progressively responsible information security experience
- Demonstrated ability to build and lead a team with a minimum of 5 years in a management position
- Proven track record and experience in developing information security policies and procedures in a global organization
- Inclusive and collaborative leadership style
- Ability to work with other leaders to set the right priority on advancing our security strategies while balancing other corporate and divisional priorities
VP Information Security Job Description
- Represent/oversee internal and external IT audit engagements
- Develop a process and methodology ensuring standards/secure builds of all technologies (OS, DB, Middleware, etc.) within the TCP IT Landscape
- Lead the processes and procedures around QRadar to aggregate logs, correlate events, and detect incidents
- Partner with IT stakeholders to formalize the patch management program, review the patches, evaluate the risk, and apply the patches using a risk based approach
- Perform periodic vulnerability scanning process and penetration tests
- Design, implement and enforce IT controls supporting SOX and PCI Compliance
- Manage the IT Third Party Risk Management program, ensuring vendors are aligned with security and business continuity expectations
- Provide leadership and management to develop high performance teams
- Develop short and long-term Information Systems strategies related to infrastructure, security, support and applications that will improve the efficiency of associates
- Hire, develop and engage leading IT professionals
- Ability to work as part of a team to develop security solutions in collaboration with other information technology professionals
- Excellent analytical and problem-solving abilities to identify and fix security risks
- Excellent communication and presentation skills to build understanding and awareness of security issues throughout the organization
- 7 – 10 years of experience as an Information Security and technology risk practitioner
- Working knowledge of security standards and frameworks (e.g., NIST Cybersecurity Framework, FFIEC CAT, NIST 800-53, SWIFT Customer Security Programme)
- Technical Knowledge of Information Technology Systems