VP of Information Security

CU Student Choice Partners LLC

$130K — $180K *
US-AnywhereRemote in United States
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 7-12 years of experience in information security or cloud security roles
  • Proficient in Azure and/or Microsoft 365 security and architecture
  • Skilled in monitoring, incident response, and cloud operations
  • Familiar with automation and modern infrastructure practices
  • Experience collaborating with MSPs or external service providers
  • Knowledgeable about SSAE 18 and regulated environments

Responsibilities

  • Lead the development of a risk-based, business-aligned security program
  • Balance security controls with performance and usability
  • Translate security risks into actionable insights for leadership
  • Architect secure and resilient systems in collaboration with vendors
  • Enhance monitoring and alerting capabilities across systems
  • Oversee incident response processes and implement continuous improvement
  • Manage third-party security assessments and ensure compliance

Benefits

  • Work from home flexibility
  • Collaborative and focused security culture
  • Opportunities for continuous learning and professional growth
  • Engagement with cutting-edge cloud security technologies
  • Participation in policy and governance shaping
Full Job Description
Title: VP, Information Security

Standard Hours: 40

Primary Location: Home Office

Reports to: CIO

Position Summary

The Vice President of Information Security leads a modern, business-aligned security program across the organization's Microsoft-based environment.

This role blends security leadership with cloud architecture and reliability principles, ensuring systems are not only protected, but also resilient, observable, and continuously improving.

The VP will work closely with internal teams, vendors and a managed service provider (MSP), maintaining accountability for outcomes while enabling efficient, scalable operations.

Core Responsibilities

Security Program Leadership
• Manage and maintain a risk-based, right-sized security program aligned to business priorities
• Manage security controls that balance protection, usability, and system performance
• Translate risk into clear, actionable decisions for leadership

Cloud Security, Architecture & Reliability
• Working with our vendors, ensure systems are architected with:

o Strong identity and access controls

o Secure configurations

o High availability and resilience
• Partner with MSP and IT to build secure, scalable, and fault-tolerant systems
• Promote infrastructure consistency and automation

Observability, Monitoring & Metrics
• Manage and enhance monitoring, logging, and alerting across all platforms
• Define and track key security and reliability metrics, such as:

o Incident detection and response times

o Vulnerability remediation timelines

o System availability and performance
• Improve visibility into system behavior to support faster, more effective decision-making

Incident Response & Continuous Improvement
• Lead all aspects of incident response, including coordination with MSP, COO, and CIO
• Conduct root cause analysis and implement corrective actions
• Drive a culture of continuous improvement, reducing repeat incidents over time
• Ensure systems and processes evolve based on lessons learned

MSP Management & Operations
• Manage the MSP relationship, ensuring accountability and performance
• Oversee:

o Security monitoring

o Alert triage and response

o Vulnerability management

o Desk top maintenance and issue resolution
• Define SLAs and ensure operational effectiveness

Risk, Compliance & Audit
• Working with internal and external resources, lead SSAE 18 / SOC audits, including preparation and remediation coordination.
• Maintain existing policies, standards, and documentation aligned to actual risk
• Create new policies as identified

Business Continuity & Resilience
• Co-Own business continuity and disaster recovery programs across the organization
• Participate in testing and improvement recommendations

Vendor & Partner Security
• Assess and monitor third-party security posture
• Integrate vendor risk into broader risk management practices
• Work with and manage other vendor partners to ensure best security practices and successful audits.

Security Culture & Awareness
• Promote a practical, accountable security culture
• Deliver targeted training and awareness programs to staff
• Stay current on threats and evolving best practices

Qualifications
• ~7-12 years in information security, cloud security, or related roles
• Experience with Azure and/or Microsoft 365 security and architecture
• Experience with monitoring, incident response, and cloud operations
• Familiarity with automation and modern infrastructure practices
• Experience working with MSPs or external service providers
• Exposure to SOC/SSAE 18 and regulated environments

Leadership Profile
• Hands-on and accountable, with both strategic and technical capability
• Focused on measurable outcomes and continuous improvement
• Pragmatic-balances security, reliability, and business needs
• Strong collaborator across technology, operations, and leadership
• Growth-oriented and eager to expand leadership scope

Work Conditions
• Sitting for extended periods of time
• Dexterity of hands and fingers to operate a computer keyboard, mouse, and other devices
• Physically able to participate in training sessions, presentations and meetings
• Some travel is required for the purpose of meeting with management, employees, and occasional credit union client meetings

Similar Jobs

More Jobs at CU Student Choice Partners LLC

More Information Technology Jobs

Find similar VP of Information Security jobs: