This senior leader will provide overall direction, accountability and leadership to Security Engineering and Operations organization within Technology Risk and Security Management. The VP will direct multiple units of IT Security Professionals, by implementing and managing effective and efficient organizational structures. The VP will be a member of the management team reporting to the CISO (Chief Information Security Officer) and will share direct responsibility and accountability for overall IT Security results with peer Security Leaders.
- Has extensive hands experience managing Network Security engineering and operations for capabilities including but not limited to Perimeter protection via Firewalls, WAF (Web Access Firewall), IPS (Intrusion Prevention Systems), Email Security, Remote Access, DDOS protection, and Web Filtering tools and technologies.
- Has good exposure to the management of Endpoint Protection security engineering and operations for capabilities including but not limited to server and desktop protection like Data Loss Prevention, AV (antivirus), IPS (Intrusion Prevention Systems), Email Security, Remote Access, Endpoint management and enforcement, eDiscovery, Endpoint Vulnerability and Compliance Scanning, and Web Filtering.
- Has significant hands on experience managing Web Security engineering and operations for capabilities including but not limited to Web-Security MFA, Security Access Manager, Forward and Reverse Proxies, Security Access Gateways, Phone-printing and biometric technologies, API Management, Security Single Sign On, Data Masking, Encryption, and SSL/PKI implementations and technologies.
- Has extensive hands experience managing the engineering and operations for Security Monitoring including log management and the capabilities for file-share, applications and database monitoring tools.
- Is well versed with network, web and application security aspects of Cloud Security as it applies to IaaS paradigms.
- Can perform the role and responsibility of a CISO delegate if required.
- Partners with Business and IT and Security organizations to define, develop, and implement appropriate staffing strategies to support Voya business operations.
- Establishes the appropriate work environment, structures, and processes to ensure that overall quality goals are established, monitored, and satisfied for all work activities.
- Establishes the appropriate financial management metrics to ensure that departmental, unit, and project based financial plans are proactively monitored, managed and reported.
- Partners with critical business and IT and Security areas to ensure that all projects/efforts are adequately defined, managed, and completed; achieving the shared business and IT and Security objectives.
- Accountable for final administrative and operational decisions for an IT Security department; supervise development and approval of business plans and budgets prepared by subordinate managers.
- Critical member of the IT Security executive team in formulation of Voya’s IT strategy and plans. Responsible for ensuring development and management of all employees in the IT Security department.
- Responsible for ensuring development and management of all employees in the IT Security department.
- Other duties as assigned.
Knowledge & Experience:
- Bachelor's degree in Computer Science, Engineering or a directly related field; Master's Degree (MS or MBA) preferred.
- 15+ years of progressively responsible IT Security management experience, including 10 years in IT Security engineering and operations.
- Has at least 2 of the following security certifications – CISSP, CEH, CISM or CCSP.
- Strong financial and organizational management experience (managing 100+ staff organizations, with $10M+ operating budget).
- Strong understanding of financial service and insurance business and technologies.
- Significant experience in multiple areas of IT field, including new computing architectures, systems support strategies, IT Security Services and/or process and project methodologies.
- Demonstrated success in project management and execution involving multiple major projects or a substantial record of success delivering complex IT services to a diverse clientele.