Vice President, IT Security
The Vice President (VP), IT Security is responsible for leading and overseeing all aspects of the Company’s technology security and compliance program. Responsibilities include the development of the Company’s cyber security strategy, the identification and procurement of all IT security technologies and services, security monitoring and threat intelligence, data privacy (including GDPR), and regulatory/audit compliance. As a senior member of the Technology Leadership team, this positon acts as the overall security and compliance leader in the organization.
Primary position responsibilities:
- Provides strategic direction and oversight for the development and implementation of Cass’ Technology Security Program.
- Chairs the Security & Risk Management Committee.
- Monitors and aggressively manages security vulnerabilities and potential hacking threats in network and host systems.
- Creates and implements a strategy for the deployment of information security technologies.
- Stays abreast of the latest IT security innovations and cyber security technologies and serves as an advisor to business leaders.
- Performs IT security risk assessments and reports on ways to minimize potential threats.
- Actively participates in leading industry associations affiliated with cyber security strategy and management in order to effectively represent the Company, establish external relationships and understand evolving threats. Researches, selects, and procures all IT security products and services.
- Develops and oversees the inclusion of security standards in all application development activities.
- Manages IT security vendor relationships corporate-wide. This includes the evaluation, negotiation and approval of all security vendor relationships providing services, hardware, software, and infrastructure purchases.
- Develops and implements the Corporate Information Security Program, including:
- Security policies and procedures
- Security awareness training
- Vulnerability assessments and management
- Develops and manages the Corporate Security Incident Response Team (SIRT).
- Ensures compliance with all domestic and international data privacy laws, including the General Data Protection Regulation (GDPR).
- Ensures compliance with all Regulatory and Internal Audit controls.
- Manages the identification and effective remediation/closure of all control issues.
- Produces a monthly Cyber Security and Risk Dashboard for executive leadership.
- Ensures confidentiality and reliability of corporate data, proprietary information, and intellectual property.
- Provides all electronic discovery and digital forensics services for the organization.
- Manages direct reports by:
- Monitoring, evaluating, and improving performance through accurate and timely performance feedback, development plans, training, and mentoring.
- Interviewing, hiring, promoting, and terminating employment as necessary.
- Assumes additional security / technology related duties and responsibilities as directed.
Skills and Abilities Required:
- Digital leadership skills – capable of empowering and leading an IT security team to meet both business and IT security goals.
- Solid people management skills – providing direction, monitoring performance, motivating staff and building a positive working environment.
- Ability to adapt to a fast moving IT landscape and keep pace with latest thinking and new security technologies.
- A passion for technology and security safeguarding with a proven track record for delivering strong results.
- Thrives on change, showing an impressive ability to drive the IT security strategy forward.
- Capable of managing numerous information sources and providing security and compliance dashboard reports to executive management.
- Excellent communication skills – both verbal and written communication that is outstanding to all levels of technical acumen.
- Forms business partnerships that help drive the IT security strategy forward.
- Ability to make sound decisions that are well informed and timely.
- Creative thinking – able to look at alternatives and consider new ways of thinking to problem solve
Minimum Level of Preparation and Training Required:
- Bachelor’s degree in Information Technology, Computer Science, Information Security or a related business field; A Master’s Degree is highly desirable.
- Applicable certifications in IT security, such as CISM, CISSP, CompTIA, or related preferred.
- 10+ years in progressive roles in IT with an emphasis on information security.
- 5+ years in a senior management/leadership position.
- Substantial exposure to current technologies, data processing, hardware platforms, enterprise software applications, and outsourced systems, including enterprise storage and payment processing systems.
Please apply directly to this position via the “Apply” button. You will be required to create an account and provide your resume, contact information and other pertinent employment information. This process typically takes 20 minutes or less. Should we find that you meet the minimum requirement of the position, a member of our recruiting team will be in touch to start the interview process.
About Our Company:
Cass Information Systems is the nation's leading provider of payment and information services for Corporate America’s freight, utility, waste and telecom expenses. We are a business-to-business solutions provider focused on invoice processing, payment, auditing and business intelligence services. We are strongly committed to providing consistently high-quality service to our customers and deeply committed to the welfare and professional growth of our staff.
St. Louis, Missouri