VP, Information Security

About InMarket

Since , InMarket has been the leader in -degree consumer intelligence and real-time activation for thousands of today’s top brands. Through InMarket's data-driven marketing platform, brands can build targeted audiences, activate media in real time, and measure success in driving return on ad spend. InMarket's proprietary Moments offering outperforms traditional mobile advertising by 6x.* Our LCI attribution platform, which won the MarTech Breakthrough Award for Best Advertising Measurement Platform, was validated by Forrester to drive an average of $40 ROAS for our clients.

*Source: Wordstream US Google Display Benchmarks for Mobile Media

About the Role

Reporting to the Chief Financial Officer, the VP, Information Security is responsible for implementing and running the enterprise information security program to ensure that information assets and associated technology, applications, systems, infrastructure, and processes are adequately protected in the digital ecosystem in which InMarket operates.

Responsibilities:

Strategy, Planning & Leadership:

• Develop an information security vision and strategy that is aligned to organizational priorities.
• Participate in strategic and operational governance processes.
• Manage the information security management system.
• Lead strategic information security planning to achieve business goals by prioritizing initiatives and coordinating the evaluation, deployment, and management of current and future technologies using a risk-based assessment methodology.
• Provide regular reporting on the current status of the information security program to a variety of audiences including senior management.
• Develop, implement, maintain, and oversee enforcement of policies, procedures, and associated plans for system security administration and user system access based on industry-standard best practices and regulatory requirements.
• Manage the budget for the information security function, monitoring and reporting discrepancies.
• Manage the information security organization, including hiring, development, retention and performance management.

Acquisition & Deployment:

• Define and communicate plans, procedures, policies, and standards for the organization for acquiring, implementing, and operating new security systems, equipment, software, and other technologies.
• Participate in feasibility studies and conduct risk assessments for software and systems under consideration for purchase and make recommendations.
• Ensure that any new software and integration into company systems meet security requirements.

Operational Management:

• Act as advocate and primary liaison for the company’s information security vision via regular communications with the senior leadership, department heads, and employees.
• Create a risk-based process for the assessment and mitigation of any information security risk in the ecosystem consisting of supply chain partners, vendors, consumers and any other third parties.
• Work closely with the technology and product departments on corporate technology development to fully secure information, computer, network, and processing systems.
• Develop, track, and control the security services annual operating and capital budgets for purchasing, staffing, and operations.
• Recommend and implement changes in security policies and practices in accordance with changes in local or federal law.
• Manage and contain information security incidents and events to protect corporate IT assets, intellectual property, regulated data and the company’s reputation.
• Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.
• Develop and oversee effective disaster recovery policies and standards to align with the enterprise business continuity management program goals.
• Coordinates the development of implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event; provides direction, support and in-house consulting in these areas.
• Facilitate and support the development of asset inventories.
• Promote and oversee strategic security relationships between internal resources and external entities, including vendors, and partner organizations.
• Remain informed on trends and issues in cybersecurity, including current and emerging technologies and threats. Advise, counsel, and educate executive and management teams on their relative importance and organizational impact.

Position Requirements:

• Bachelor’s degree in Computer Science or Business Administration is Required.
• 10+ years of experience in Senior People Leadership roles in Information Security and IT is Required.
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) is an asset.
• Knowledge of common information security management frameworks, such as NIST, including -53 and Cybersecurity Framework is RequiredISO/IEC , ITIL, COBIT in addition are preferred.
• GSEC, Cloud Certs (AWS/GCP Architecture level & Security Specialty Preferred), OSCP, or relevant SANS certifications preferred.
• Demonstrable hands-on experience securing complex, tech forward cloud environments required.
• Experience with ISO, SOC and SOX compliance required.

Compensation & Benefits Summary:

• Competitive salary, stock options, flexible vacation
• Medical, Dental and Flexible Spending Account (FSA)
• Company Matched (k)
• Unlimited PTO (Within reason)
• Talented co-workers and management
• Agile Development Program (For continued learning/professional development)
• Paid Paternity & Maternity Leave

For candidates in California, Colorado, New York City, Illinois, Minnesota, New Jersey, Vermont and Massachusetts the Targeted Base Salary Range for this role is $, - $,

Actual salaries will vary depending on factors including but not limited to work experience, specialized skills and training, performance in role, business needs, and job requirements. Base salary is subject to change and may be modified in the future. Base salary is just one component of InMarket’s total rewards package that also may include bonus, equity, and benefits. Ask your recruiter for more information!

At InMarket, diversity is not just a value, it’s the very essence of who we are. It’s about recognizing and celebrating the unique perspectives each of us brings, from our colleagues to the communities we serve.We are committed to embracing the full spectrum of backgrounds, beliefs, abilities, and life experiences, knowing that this diversity strengthens us. At InMarket, our commitment to Diversity, Equity, and Inclusion means valuing each individual’s unique contributions. Together, we thrive.