Vice President, Information Security

4 weeks ago


Remote, Oregon, United States InvoiceCloud Full time

About InvoiceCloud:

InvoiceCloud is a leading provider of online bill payment services. Founded in 2009, the company has grown to be one of the leading disruptors in the cloud-based electronic bill presentment and payment (EBPP) space, helping institutions put customer experience first. By switching to InvoiceCloud, clients can improve customer engagement, loyalty, and efficiency while reducing churn and missed payments in the process. With over 50 million payments processed annually, InvoiceCloud is one of the most secure, innovative, and inclusive fintech solutions in the market. To learn more, visit


The fundamental duty of the Vice President, Information Security is to reduce or eliminate the security risks to InvoiceCloud's intellectual property, data, critical infrastructure and other information and physical assets. They are primarily responsible for establishing and maintaining the governance, strategy, actions, processes, policies, tools, partnerships, and other controls designed to protect those assets from unauthorized access, use, theft, tampering, or damage. The Vice President, Information Security will report to InvoiceCloud's General Counsel.

More detailed responsibilities for the Vice President, Information Security role include, but are not limited to the following:

  • Build and maintain a culture of security for the organization where security is a forethought, not an afterthought and is integral to the key ingredients of success for InvoiceCloud.
  • Develop and nurture a team of crack security professionals focused on honing their craft while improving the reputation of InvoiceCloud as a market leader in digital payment and customer engagement services.
  • Assemble a network of key stakeholders, service provides, and industry experts to provide the Vice President, Information Security and their team the necessary support in pursuit of their objectives.
  • Foster collaboration, encourage diverse thought and productive debate, and inspire innovation that quickly produces solutions to security challenges.
  • Promote a security vision aligned with InvoiceCloud's mission and company objectives through actions and communication.
  • Develop security capabilities that present obvious value to customers and are recognized as competitive differentiators.
  • Abstain from creating security impediments to product innovation and customer engagement.

The Vice President, Information Security will also be responsible for maintaining a comprehensive security program that includes coverage for the following domains including but not limited to:

  • Oversight, governance, and management: ensure that security operations run smoothly and in a manner that continuously improves the overall security maturity level as measured against industry-standard frameworks such as HiTrust, PCI –DSS, NIST CSF, SP 800-53, 171, or others; maintain compliance with standards commensurate with business needs; maintain communication with key leaders such that risks are known and managed.
  • Open-source software: continually evaluate the suitability and integration of open-source software and services; maintain and expand understanding of open-source software, licensing, and ecosystem; develop and oversee open-source security policies, protocols, and procedures; and conduct security research on the latest open-source threats, vulnerabilities, and mitigation strategies.
  • Artificial intelligence: develop and implement a GenAI security strategy that aligns with InvoiceCloud's objectives and the regulatory landscape; ensure compliance with AI-specific security frameworks; lead efforts to identify and mitigate vulnerabilities specific to GenAI systems; and collaborate with development teams to integrate security best practices into the deployment of AI models.
  • Security architecture and strategy: plan, budget, procure, and implement security strategy as an integrated function inside business operations and product development; design and implement a security architecture that is aligned to and supportive of business goals.
  • Threat intelligence and risk assessments: maintain awareness of current and potential security threats, breaches, and attack vectors through a variety of channels; provide company executives with insight and warnings to possible issues vendors, partners, customers, potential mergers or acquisitions, and other material business strategies or relationships.
  • Legal and compliance integration: continuously maintain a proactive posture and level of preparedness for pending legislation or industry shifts impacting applicable information security; foster an assertive bias towards innovation in integrating information security practices into the fabric of the organization.
  • Security operations: real-time threat detection, analysis, response, and remediation; general security hygiene, patch management, and security awareness training/testing; incident response and management; comprehensive vendor risk management.
  • Data loss prevention: ensure data, information, assets, and proprietary property remain secure from corruption, misuse, and theft.
  • Investigations and forensics: assemble the capabilities, including but not limited to technology and team, to conduct investigations with the appropriate chain of custody and forensic procedures to determine the potential indicators of compromise for a known or suspected security breach, leak, hack, or other related issue; work with law enforcement, internal and external legal counsel to conduct the investigation in a discreet and confidential manner; incorporate finding information and remediation activity into controls to prevent future issues.
  • Application Security: ensure that engineering teams are trained and consistently exercising application security best practice in accordance with industry standards; ensure that application risks are known and mitigated in both internally and externally developed software

What success looks like:

First 30 days

  • Gain business and organizational context:
    • Research the business model, product offering, and organizational structure of InvoiceCloud.
    • Observe meetings.
    • Insert into communications streams (Slack, Teams, email, recurring meetings)
  • Build relationship map for achieving goals, removing obstacles, and strategic alignment.
  • Meet with company's executive leadership team members.
  • Present initial overview of business context and key relationship map to General Counsel.

First 60 days

  • Establish an understanding of InvoiceCloud's information security profiles that identifies the applicable controls, frameworks, and relative maturity levels;
  • Evaluate the existing security program goals, progress, and effectiveness.
  • Review available information security risk artifacts, including incident reports, risk register, program documentation, training material and other relevant information, identifying specific improvement opportunities and themes.
  • Assess existing team member talent, experience, productivity and summarize key findings, observations, themes, and actions to discuss with General Counsel.
  • Present an initial draft of a comprehensive security strategy plan document to the General Counsel that outlines organizational structure requirements, key actions, long and short-term objectives, high-level budget needs, and timeline for execution.
  • Prepare an observations and action report for executive leadership team presentation.

First 90 days

  • Deliver final comprehensive security strategy plan document that outlines centralized and harmonized security reporting strategy, organizational structure, key actions, long and short-term objectives, high-level budget needs and timeline for execution.
  • Develop an annual budget and goals aligned with overall InvoiceCloud planning process.

Qualifications

  • Bachelor's degree in IT, Computer Science, Computer Engineering, or related technical field; Master's degree or MBA preferred
  • 10-15 years of relevant experience in information security
  • Aptitude to articulate technical and security content in a manner that non-technical audiences can understand.
  • Experience with enterprise-level governance and policy development.
  • A developed network of security professionals, law enforcement contacts, and vendor relationships.
  • Knowledge of and personal certification in various industry standards, frameworks, and programs.
  • Experience with application security.
  • Accustomed to customer and prospective customer interaction and communication.
  • Knowledge of current relevant legislation as well as potential and upcoming legislation and ethical considerations impacting information security practices and requirements.
  • Incident management and remediation skills.
  • Strategic management, planning, and budgeting skills.
  • A diverse background in various fields of technology and business.

Benefits

We offer a competitive benefits program including:

  • Medical, dental, vision, life & disability insurance
  • 401(k) plan with company match
  • Flexible Time Off (FTO), wellbeing days, paid holidays, and summer Fridays
  • Mental health resources
  • Paid parental leave & Backup Care
  • Tuition reimbursement
  • Employee Resource Groups (ERGs)

InvoiceCloud is an Equal Opportunity Employer.

InvoiceCloud provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

If you have a disability under the Americans with Disabilities Act or similar law, or you require a religious accommodation, and you wish to discuss potential accommodations related to applying for employment at our company, please contact

Click here to review InvoiceCloud's Job Applicant Privacy Policy.

To all recruitment agencies: InvoiceCloud does not accept agency resumes. Please do not forward resumes to our job's alias, employees, or any other organization location. Invoice Cloud is not responsible for any fees related to unsolicited resumes.



  • Remote, Oregon, United States Iodine Software Full time

    Vice President of Implementation & Support Join us. Let's make a direct impact in healthcare.Being an Iodine employee means becoming part of something bigger: using clinical AI technology to drive smarter healthcare processes and positively impact patient care.Who we are:Iodine is an enterprise AI company that is championing a radical rethink of how to...


  • Remote, Oregon, United States Iodine Software Full time

    Vice President of Implementation & Support Join us. Let's make a direct impact in healthcare.Being an Iodine employee means becoming part of something bigger: using clinical AI technology to drive smarter healthcare processes and positively impact patient care.Who we are:Iodine is an enterprise AI company that is championing a radical rethink of how to...


  • Remote, Oregon, United States Lumen Full time

    About LumenLumen connects the world. We are igniting business growth by connecting people, data and applications – quickly, securely, and effortlessly. Together, we are building a culture and company from the people up – committed to teamwork, trust and transparency. People power progress.Lumen's commitment to workplace inclusion and employee support...


  • Remote, Oregon, United States Lumen Full time

    About LumenLumen connects the world. We are igniting business growth by connecting people, data and applications – quickly, securely, and effortlessly. Together, we are building a culture and company from the people up – committed to teamwork, trust and transparency. People power progress.Lumen's commitment to workplace inclusion and employee support...


  • Remote, Oregon, United States Motive Full time

    Who we are:Motive empowers the people who run physical operations with tools to make their work safer, more productive, and more profitable. For the first time ever, safety, operations and finance teams can manage their drivers, vehicles, equipment, and fleet related spend in a single system. Combined with industry leading AI, the Motive platform gives you...


  • Remote, Oregon, United States DAT Freight & Analytics Full time

    About DATDAT is an award-winning employer of choice and a next-generation SaaS technology company that has been at the leading edge of innovation in transportation supply chain logistics for 45 years. We continue to transform the industry year over year, by deploying a suite of software solutions to millions of customers every day - customers who depend on...


  • Remote, Oregon, United States Icertis Full time

    With unmatched technology and category-defining innovation, Icertis pushes the boundaries of what's possible with contract lifecycle management (CLM). The AI-powered, analyst-validated Icertis Contract Intelligence (ICI) platform turns contracts from static documents into strategic advantage by structuring and connecting the critical contract information...


  • Remote, Oregon, United States Icertis Full time

    With unmatched technology and category-defining innovation, Icertis pushes the boundaries of what's possible with contract lifecycle management (CLM). The AI-powered, analyst-validated Icertis Contract Intelligence (ICI) platform turns contracts from static documents into strategic advantage by structuring and connecting the critical contract information...


  • Remote, Oregon, United States Iodine Software Full time

    Vice President, Corporate Marketing Join us. Let's make a direct impact in healthcare. Being an Iodine employee means becoming part of something bigger: using clinical AI technology to drive smarter healthcare processes and positively impact patient care. Who we are: Iodine is an enterprise AI company that is championing a radical rethink of how to create...


  • Remote, Oregon, United States Iodine Software Full time

    Vice President, Corporate Marketing Join us. Let's make a direct impact in healthcare. Being an Iodine employee means becoming part of something bigger: using clinical AI technology to drive smarter healthcare processes and positively impact patient care. Who we are: Iodine is an enterprise AI company that is championing a radical rethink of how to create...


  • Remote, Oregon, United States Iodine Software Full time

    Vice President, Corporate Marketing Join us. Let's make a direct impact in healthcare. Being an Iodine employee means becoming part of something bigger: using clinical AI technology to drive smarter healthcare processes and positively impact patient care. Who we are: Iodine is an enterprise AI company that is championing a radical rethink of how to create...


  • Remote, Oregon, United States Ascensus Full time

    The Regional Vice President's (RVP) primary responsibility is to facilitate the growth of retirement plan sales through Financial Professionals, TPAs, RIAs, and DC I/O Firms. This is accomplished through promoting both our product options and our alliance partners' products, advising and assisting Financial Professionals during the prospecting stage, and...


  • Remote, Oregon, United States Ascensus Full time

    The Regional Vice President's (RVP) primary responsibility is to facilitate the growth of retirement plan sales through Financial Professionals, TPAs, RIAs, and DC I/O Firms. This is accomplished through promoting both our product options and our alliance partners' products, advising and assisting Financial Professionals during the prospecting stage, and...


  • Remote, Oregon, United States Opala Full time

    As the Vice President of Sales, you will be responsible for developing and executing a sales strategy to achieve ambitious revenue targets, drive customer acquisition and retention. Reporting directly to the CEO, you will collaborate closely with the executive team to align sales objectives with the company's overall vision and mission. Your primary focus...


  • Remote, Oregon, United States Opala Full time

    As the Vice President of Sales, you will be responsible for developing and executing a sales strategy to achieve ambitious revenue targets, drive customer acquisition and retention. Reporting directly to the CEO, you will collaborate closely with the executive team to align sales objectives with the company's overall vision and mission. Your primary focus...


  • Remote, Oregon, United States Onbe Full time

    Onbe, a fast-growing FinTech, bringing innovation to a rapidly growing global marketplace, stands for "on behalf." Because that's exactly how we work: on behalf of our clients, as their comprehensive payments partner. We transform the way payments are imagined — as an opportunity for innovation, a source of insight to customers, and a way to connect with...

  • Vice President, Sales

    1 month ago


    Remote, Oregon, United States Iora Health Full time

    About UsOne Medical is a primary care solution challenging the industry status quo by making quality care more affordable, accessible and enjoyable. But this isn't your average doctor's office. We're on a mission to transform healthcare, which means improving the experience for everyone involved - from patients and providers to employers and health networks....


  • Remote, Oregon, United States The Cigna Group Full time

    Work Location - Remote, United States60% travel required, including some overnightsValid insurance license requiredSummary:The Regional Vice President for Cigna Supplemental Benefits (CSB) will be a critical team member responsible for making CSB a market leader in the Medicare Supplement and individual ancillary products space. This individual will be part...


  • Remote, Oregon, United States The Cigna Group Full time

    Work Location - Remote, United States60% travel required, including some overnightsValid insurance license requiredSummary:The Regional Vice President for Cigna Supplemental Benefits (CSB) will be a critical team member responsible for making CSB a market leader in the Medicare Supplement and individual ancillary products space. This individual will be part...


  • Remote, Oregon, United States Going Full time

    We will be closing applications on Friday, May 31st to ensure we can review and respond to all candidates that have applied.Why This Role is UniqueWith 2+ million users and no capital raised, this is an opportunity to join a startup with a strong foundation and huge ambitions. As Going's Vice President of Product, you will have one of the most invigorating...