Head of IT Security
Indexed description
Focus: Digital Transformation, Data Modernization, IT Operations and AI
Position Overview
We are seeking a visionary Security Leader to architect and lead a comprehensive security strategy for a privately held organization. This is a pivotal role during a period of massive modernization as we transition legacy financial systems to advanced cloud ERP, centralize 150+ internal applications, and build a world-class Data & AI ecosystem.
The ideal candidate will move beyond "gatekeeping" to act as a business enabler, implementing a modern security fabric that spans multi-cloud environments (AWS, Azure, Google, etc.) and ensure our Technology, Data, and AI initiatives are secure by design.
Key Responsibilities
Enterprise Security Architecture: Hybrid Cloud & AI-Ready
- Zero Trust Framework: Design and implement a unified identity and access model that treats all users and devices as untrusted until verified, regardless of location.
- AI Security & Governance: Establish a security posture for the AI lifecycle, including model risk management, data privacy for LLMs, and protection against emerging AI-specific threats.
- Data-Centric Defense: Architect a model focused on protecting the data itself—utilizing automated classification, persistent encryption, and masking—to ensure sensitive information remains secure as it moves through modern analytics pipelines.
- Unified Identity Fabric: Build a seamless identity strategy across multi-cloud and on-premise environments to provide a single, secure point of control for the entire workforce.
- Operational Modernization: Oversee the security integration of our move from legacy systems to modern platforms, ensuring financial data integrity and auditability in the cloud and across the value chain.
- ITSM & SecOps Alignment: Integrate security incident response and vulnerability management directly into service platforms to automate workflows and reduce mean-time-to-resolution (MTTR).
- Application & API Security: Secure a portfolio of 150+ internal applications by implementing automated security testing within CI/CD pipelines and enforcing standardized API security protocols.
- Managed Services Oversight: Evaluate and manage 3rd-party security offerings (MDR/MSSP) to ensure 24/7 monitoring and response capabilities.
- Continuous Compliance: Shift from periodic audits to a continuous monitoring model that provides real-time visibility into our compliance posture.
- Third-Party Risk Management (TPRM): Build a robust program to vet and monitor the security health of our growing ecosystem of SaaS and technology partners.
- AI Ethics & Policy: Lead the development of internal policies regarding the ethical and secure use of Generative AI and automated decision-making systems.
- Business Resilience: Develop and test enterprise-wide disaster recovery and business continuity plans that account for the interdependencies of cloud-based ERP and data platforms.
- Experience: 5+ years in IT/Security, with at least 5 years in a leadership role within a $1B+ organization.
- Cloud Mastery: Proven track record of securing complex, hybrid environments across AWS, Azure, and Google.
- Business Transformation: Direct experience securing large-scale ERP migrations and data modernization projects.
- Education/Certs: Bachelor’s or Master’s in a related field. CISSP, CISM, or CCSP preferred.
- Leadership Style: A "Business-First" mindset—someone who can communicate complex cyber risks to ownership and executive stakeholders in terms of business impact.
- A family culture and atmosphere
- Competitive compensation
- Health, dental, vision, and life insurance for full-time team members
- 401(k) with generous company match
- Paid vacations and holidays
- Immense training and growth opportunities
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search