Vice President, Security & Compliance

POSITION LOCATION

This position is eligible for a hybrid work arrangement. Currently 5 days of on-site work per month are required.

POSITION PURPOSE

The Vice President of Security and Compliance is a strategic leadership role responsible for developing, implementing, and overseeing the organization’s security, risk, and compliance programs. This role ensures the protection of company assets, data, and infrastructure (data center and cloud) while maintaining adherence to industry standards, government regulations, and best practices. This executive will lead cybersecurity, threat intelligence, internal audit, and compliance efforts, ensuring the organization is protected from evolving risks while maintaining industry standards.

Responsibilities

DUTIES & RESPONSIBILITIES

• Responsible for overseeing, directing and the overall success for the following areas:
• Security
• Threat Intelligence
• Compliance
• Internal Audit
• Define and execute the long-term vision and strategy for security and compliance across the organization.
• Serve as the subject matter expert for cybersecurity, data protection, privacy, and compliance practices.
• Act as a trusted advisor to the executive leadership and board on security and compliance risks.
• Develops and implement operational plans, policies, and goals which support strategic objectives.
• Keeps executive team well informed of area activities and significant problems.
• Oversees threat intelligence and vulnerability management programs to proactively identify and mitigate risks.
• Leads the development and implementation of security policies, standards, and procedures.
• Leads incident response and forensics teams to manage cybersecurity breaches and security incidents.
• Oversees third-party risk management, ensuring vendors adhere to security and compliance standards
• Ensures compliance with industry regulations and standards (ISO, SOC 2, NIST, DSS, etc.)
• Leads the development and maintenance of policies, procedures, and controls to meet regulatory requirements
• Oversees internal and external security and compliance audits, ensuring adherence to internal policies and external regulations
• Oversees enterprise risk management (ERM) strategies, identifying and mitigating cybersecurity and compliance risks
• Ensures that staffing levels are appropriate and human resources are effectively utilized. Interviews, hires, fires, and assigns personnel.
• Provides leadership to team through goal setting, delegation and communication.
• Cultivates and fosters team building and cooperation and motivates team members to achieve goals.
• Ensures that personnel are well trained, effective, and optimally used. Instructs personnel regularly regarding policy, procedure, and program changes.
• Conducts performance appraisals and coaches and mentors throughout the performance cycle.
• Formulates and implements corrective actions as needed. Provides measurable feedback and suggestions for improved performance.
• Responsible for timesheets and PTO requests for team members.
• Conducts meetings to ensure that personnel are well informed of changes.
• Develops a strong understanding of client objectives and assesses their business strategies and needs in relation to their objectives.
• Ensures effective ongoing communication with clients to maintain high levels of customer retention.
• Ensures team is providing quality service and establishes quantitative quality metrics.
• Work with multiple internal teams, external partners, and clients to promote high quality work.
• Assists with short- and long-term departmental and company planning.
• Executes corporate objectives, initiatives and departmental goals and ensures items are completed on time and within budget.
• Completes annual budgeting for department.
• Identifies and drives improvements in process that fosters quality, excellent service, customer experience, schedule and cost improvements.
• Provides insight and leadership by applying industry knowledge and experience to complex situations.
• Ensures that department functions are well coordinated with other Company operations.
• Keeps Executive Team informed of progress towards established objectives, and of any significant challenges.
• Completes required reports and records.
• Attends and participates in meetings and committees as required.
• Ensures that work area is clean, secure, and well maintained.
• Stays informed of Jack Henry products and other industry product trends.
• Completes special projects as assigned.
  

Education & Experience Requirements

• B.S. in computer science, cybersecurity or related field or equivalent experience and training.
• Advanced degree preferred.
• Ten or more (10+) years of experience in information security and/or compliance, risk management.
• Five or more (5+) years of management or leadership level experience of equivalent decision-making authority/experience.
• Five or more (5+) years directly managing technical teams.
• Experience managing complex, multiple and/or cross divisional projects at once.
• Experience preparing and effectively managing departmental budget.
• Experience coaching and mentoring for leadership positions.
• Strong background in threat intelligence, security operations, incident response, internal audit, compliance and/or risk management.
  
  

Required Knowledge

• Strong analytical/technical knowledge pertaining to decision analysis.
• Strong understand of security principles, frameworks, and best practices.
• Experience with compliance policy, procedure and governance structure.
  
  

WORKING CONDITIONS

Special

• No hazardous or significantly unpleasant conditions (such as in a typical office).
• Additional hours, including Saturday/Sunday support, as required.
• Occasional travel overnight for training, conferences and to clients (required).
• Long duration of computer workstation usage.
  
  

Intent And Function Of Job Descriptions

Job descriptions assist organizations in ensuring that the hiring process is fairly administered and that qualified employees are selected. They are also essential to an effective appraisal system and related promotion, transfer, layoff, and termination decisions. Well-constructed job descriptions are an integral part of any effective compensation system.

All descriptions have been reviewed to ensure that only essential functions and basic duties have been included. Peripheral tasks, only incidentally related to each position, have been excluded. Requirements, skills, and abilities included have been determined to be the minimal standards required to successfully perform the positions. In no instance, however, should the duties, responsibilities, and requirements delineated be interpreted as all inclusive. Additional functions and requirements may be assigned by supervisors as deemed appropriate.

In accordance with the Americans with Disabilities Act, it is possible that requirements may be modified to reasonably accommodate disabled individuals. However, no accommodations will be made which may pose serious health or safety risks to the employee or others or which impose undue hardships on the organization.