Vice President of Security, Compliance, and Risk Management


Sugar Land, TX

Industry: Building Materials


15+ years

Posted 294 days ago

by Michelle Lowrey

This job is no longer available.

NCI Building Systems, Inc. is one of North America's largest integrated manufacturers of metal components for the nonresidential building industry. NCI is comprised of a family of companies operating manufacturing facilities across the United States, Canada, and Mexico, with additional sales and distribution offices throughout the United States and Canada.

Equal Opportunity Employer - Minorities/Women/Veterans/Disabled.

Provide executive leadership for the Information Technology Security, Risk Management and Compliance team. Collaborate with the Corporate Risk Management Office, the Internal Audits group and our external partners to keep the company safe and compliant. This role is responsible for defining and implementing an ongoing, multi-year Strategic Roadmap for the IT Security, Risk Management and Compliance functions.


- Provide energy, inspiration and motivation to the IT Security, Risk Management and Compliance team.

- Build relationships with key influencers and decision makers. Build confidence in team's value.

- Leverage experience and domain knowledge to generate ideas to improve security defense and response.

- Participate as an active member of Incident Response Teams (e.g. Cyber, Disaster, Legal).

- Facilitate business continuity, disaster recovery and incident response planning and simulations.

- Ensure full compliance with internal and external audit requirements (e.g. SOX, SOD, ITGC).

- Maintain risk assessment profile for Information Technology as required by Board of Directors.

- Refine policies and standards to improve security and compliance practices.

- Manage associated training programs for employees, contractors and 3rd

- Set specific objectives, goals and direction for the team to implement the IT Strategic Roadmap.

- Manage all people related aspects of the team (performance, compensation, development).

- Create, justify and manage the overall budget for the IT Security, Risk Management and Compliance team.


Current team consists of 2 direct reports. Both are primarily focused on Compliance at this time. Role will have the ability to assess team needs and build a business case to justify any required changes.


Required to define problems, establish facts and draw valid conclusions. Required to interpret a variety of information furnished in written, verbal, diagram or abstract form. Required to work with a variety of complex abstract and concrete variables. Performs with substantial latitude for independent action and judgment. Provides recommendations to all levels of management and has latitude to implement change.


Expected to develop both short and long term IT strategy and investment plan for the IT Security, Risk Management and Compliance function.

EDUCATION: 4-year College Degree or equivalent experience - Required

Certifications in Cybersecurity or Compliance - Preferred


Minimum of 15 years in an IT executive leadership role. Minimum of 5 years in a security, risk management or compliance leadership role. Desirable to have experience in a manufacturing environment. Preference will be given to candidates who have demonstrated a track record of building successful teams that deliver results.


Minimal travel expected. Primarily domestic.