VP of IT Compliance, Info Sec,

Job DescriptionJob Description

Our client in the East Bay, CA is looking for a a permanent on-site VP of IT Compliance, Info Sec & Risk Management.

If you meet the below criteria please email your Word doc resume and availability to heather.allen@lhh.com.

Must haves to be considered:

• Apologies this client doesn’t offer Visa or other kind of sponsorship at this time.

• Must be able to work on-site in Dublin, CA. There is SOME hybrid flexibility but since it’s a leadership role there’s an expectation to be on-site more than not.

• 15 years of experience in Information Security

• 7+ years of experience in IT Compliance & Risk Management, or IT Audit & Compliance

  • Need someone who has come up through Compliance & Risk Management route (not Engineering or infrastructure etc)

• MUST HAVE BOTH Certifications: CISM & CISSP: Information security certification required: Certified Information Security Manager (CISM) AND Certified Information Systems Security Professional (CISSP).

• Must have experience designing, implementing, and managing complex risk programs and leading team size of around 6+

• Must have experience in Financial Services

• Must have experience with regulatory framework and guidelines: FFIC, regulatory framework.

• 7+ years of experience performing information security risk assessments, network penetration testing and vendor risk assessments.

• 5+ years of experience presenting risk findings to Board Committee (includes validating policies, performing annualized monitoring and testing of controls)

• Experience designing and implementing defense in depth strategies and how security controls are deployed to achieve this.

• Experience conducting risk assessments through vendors.

• Experience with information security regulations and standards including: NCUA, GLBA and CCPA, PCI, FFIEC, and NIST 800 / ISO 27000.

• Experience working in a regulated environment and responding to inquiries and findings of regulators and auditors.

• Leadership Style & Personality: Not someone who is passive, need to be assertive, open to discussion around risks, has a risk mindset, first goal of protecting the org, not negotiating how to mitigate some. Question first, negotiation 2nd. Have to be very polished because they will be interacting with the board, raise risks w/ the board.

Base Salary is between $250k - $275k + 25% annual bonus and an additional long term incentive that kicks in over time.

Standard medical, dental, vision, 3% 401(k) + 5% employer match, tuition reimbursement, and PTO.

Pay Details: $250,000.00 to $275,000.00 per year

Search managed by: Heather Allen

Equal Opportunity Employer/Veterans/Disabled

To read our Candidate Privacy Information Statement, which explains how we will use your information, please navigate to https://www.lhh.com/us/en/candidate-privacy

The Company will consider qualified applicants with arrest and conviction records in accordance with federal, state, and local laws and/or security clearance requirements, including, as applicable:

• The California Fair Chance Act
• Los Angeles City Fair Chance Ordinance
• Los Angeles County Fair Chance Ordinance for Employers
• San Francisco Fair Chance Ordinance

---