Vice President of Information Security

Job Details:

Job Title: Vice President/Director of Information Security

Location: Onsite 5 days a week in Tampa, Florida

Reports to: Chief Information Officer (CIO)

Job Summary

We are seeking a visionary and highly experienced Vice President (VP) of Information Security to lead our client's cybersecurity program. This executive will be responsible for the strategic development and operational execution of a comprehensive security framework to protect our information assets, systems, and infrastructure from an ever-evolving threat landscape. As a key member of the senior leadership team, the VP of Information Security will champion a culture of security awareness and resilience across the entire organization.

Duties & Responsibilities

• Strategic Planning & Leadership: Design, implement, and maintain a strategic, enterprise-wide vision and roadmap for information security and risk management that aligns with business objectives. Provide strong leadership and mentorship to a team of security professionals.
• Risk Management & Governance: Lead the information security governance processes. Direct the identification, evaluation, and reporting of information security risks in a manner that meets compliance and regulatory requirements.
• Security Operations: Oversee the continuous monitoring and protection of information processing resources. Lead the Security Operations Center (SOC) and manage a robust incident response program, ensuring rapid detection, containment, and eradication of threats.
• Policy & Compliance: Develop, publish, and enforce corporate information security policies, standards, and guidelines. Ensure the organization maintains compliance with relevant laws and regulations SOX, GDPR, CCPA, HIPAA) and industry standards (NIST, ISO 27001).
• Technology & Architecture: Collaborate with IT and engineering teams to ensure security is integrated into all phases of the technology lifecycle ("Security by Design"). Evaluate and implement security technologies and tools to enhance the organization's defensive posture.
• Budget & Vendor Management: Develop and manage the annual information security budget. Oversee relationships with third-party vendors, managed security service providers, and contractors.
• Executive Communication: Effectively communicate the status of the security program, critical risks, and incident updates to the executive team and the Board of Directors.

Required Qualifications

• Experience: A minimum of 12 years of experience in the information security field, with at least 7 years in a senior management or leadership role.
• Education: Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related discipline.
• Certifications: Professional security management certification, such as CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Security Manager) is required.
• Technical Expertise: Deep knowledge of security frameworks (NIST, ISO 27001), risk assessment methodologies, security architecture, and incident response protocols.
• Leadership Skills: Proven ability to build, lead, and motivate a high-performing, cross-functional security team.
• Business Acumen: Strong understanding of business principles and the ability to align security initiatives with strategic company goals.
• Communication: Exceptional written and verbal communication skills, with the ability to present complex technical topics to a wide range of audiences, from engineers to the board of directors.

Preferred Qualifications

• Master's degree in Cybersecurity or an MBA.
• Experience in the Financial sector.
• Extensive experience with cloud security (AWS, Azure, GCP).
• Additional certifications such as CISA, CRISC, or CISSP-ISSMP.
• Demonstrated experience presenting to a Board of Directors.