Vice President of Information Security

Salary depends on experience
Posted on 09/21/17
San Francisco, CA
15+ years experience
IT Consulting/Services
Salary depends on experience
Posted on 09/21/17

Role Overview:

In this critical leadership role, the incumbent will take a lead role in the continued innovation of Recurly’s Information Security/Cybersecurity strategy and drive Recurly competitive advantage by facilitating a best in class security infrastructure. This role will build and lead the information security program and lead a team of high performing engineers and researchers. Reporting to the CTO, the incumbent will work closely with the VP of Engineering, VP of Infrastructure and Operations, VP of Product and the executive team. This is an exceptional opportunity to lead a team within an innovative, fast growing company.

 

Responsibilities:

  • Serve as a member of the Recurly’s Engineering Senior Management Team to develop and implement the overall information security technology strategy that is well aligned with and effectively enables the business strategy and operational goals of the organization.

  • Create and implement the overall information security product roadmap in support of the business goals

  • Work closely with  operational leadership to actively manage all information security capital investments through ongoing technology investment strategic planning, ongoing investment forecasting/variance reporting, and annual submission and business justification for authorization of required capital budget needs

  • Responsible for the overall security of Recurly’s technology assets and ensures predictable performance of the assets through accountability models leveraging industry leading best practices

  • Provide technical and business guidance to the various teams with the development department, including product owners, managers, developers, quality assurance teams and other staff members

  • Evaluate existing platforms and recommend information security technologies, including new trends in the market

  • Own security incident processes – be the primary point person during any incidents and ensure associated planning/processes are maintained

Requirements:  

  • A minimum of  15 years of experience in the network/security engineering and/or security areas with at least   10+ years of direct people management experience.

  • Graduate degree in computer science, electrical engineering, information science, or a related technical discipline preferred

  • Experience developing processes and protocols around embedding security, privacy, and compliance into the overall development process.

  • Experience developing highly effective training programs around security, privacy, and compliance that are catered to different audience (technical and non-technical).

  • Demonstrated knowledge in advanced Distributed Denial of Service (DDoS) tactics and mitigation/disruption techniques.

  • Strong knowledge of the financial services area (or other critical infrastructure areas) with an emphasis on network/system engineering and information security.

  • A track record of leading the delivery of complex, multi-faceted technology initiatives.

  • Experience with Advanced Persistent Threat (APT) and criminal actors and advanced knowledge of associated Tactics, Techniques and Procedures (TTP)

  • Experience and familiarity working across the global cyber security community

  • Demonstrated expertise and experience with advanced and 0-day threats, intrusions, malware infection, packet analysis

  • Knowledge of/experience with international compliance requirements/standards (PCI, SSAE16) and other security regulation requirements

  • Experience with privacy and PII topics within the context of SaaS platforms  

  • Experience working in high-paced Agile execution environments

     

     

Not the right job?
Join Ladders to find it.
With a free Ladders account, you can find the best jobs for you and be found by over 20,0000 recruiters.