Vice President, Chief Information Security Officer (CISO)
Indexed description
Primary Tasks:
Security
- Lead teams spanning application security, infrastructure security, identity and access management, security operations, compliance, data privacy, and security engineering
- Deeply integrate into the business to understand strategic priorities, ensuring security, compliance, and privacy are embedded into every initiative from inception
- Represent Holman's information security posture to the Board, Executive team, vendors, customers, and internal stakeholders, serving as the primary voice on all security matters
- Advance and execute Holman's security roadmap with inputs from enterprise risk, evolving threat landscapes, changing regulatory requirements, and business objectives
- Champion AI-enabled transformation to accelerate operational efficiency, while serving as a key organizational partner in defining and enforcing governance guardrails that manage AI-related risks across data security, privacy, and regulatory compliance
- Oversee Enterprise Product Security that partnering with Product, Data, and Development teams to proactively mitigate threats and enforce secure development standards
- Partner with technology leadership to implement modern cloud security standards, policies, and processes to enable and accelerate Holman’s cloud expansion
- Oversee penetration testing programs and compliance reporting, translating findings into actionable guidance for engineering and operations teams
- Ensure risk controls are implemented, monitored, and maintained across the full system lifecycle
- Evangelize security-first practices, policies, and procedures across the organization — particularly among product, engineering and development teams — maintaining updated documentation and processes to address production vulnerabilities
- Lead business continuity and disaster recovery strategy and execution, partner with business and enterprise risk teams to define risk tolerance, and oversee periodic testing and validation of processes
- Monitor the evolving security and threat landscape, communicating trends and implications to Executive leadership to maintain organizational alignment
- Continue to evolve and tune enterprise identity management solutions to streamline user experiences while mitigating threats, leverage job data to automate access to systems and data, provide guidance and expertise to product teams on enterprise expectations for federated identity solutions in our products and services
- Own the strategy, architecture, and operational reliability of Holman's enterprise infrastructure, spanning on-premises, colocation, and cloud compute and storage environments
- Drive technology lifecycle and capacity planning across infrastructure domains, ensuring systems are modernized and scaled to support business growth
- Establish a cloud center of excellence in partnership with cloud and application teams to align infrastructure architecture with modern delivery patterns and security standards
- Manage infrastructure vendor relationships, SLAs, and contract renewals, ensuring performance commitments, risk posture, and commercial terms are aligned
- Partner with product, data, and development teams to establish strategies and roadmaps to optimize spend between cloud and premises compute and storage
- Own enterprise network architecture and operations, including WAN, LAN, SD-WAN, perimeter security, and internet connectivity across all Holman locations
- Manage carrier and ISP relationships, ensuring network reliability, performance, and cost efficiency at scale
- Lead strategy and execution across end-user computing, Microsoft 365, end-user AI, and productivity platforms — driving automation, empowering users, reducing overhead, and creating an optimal user experience
- Drive modernization initiatives, aligning connectivity strategy with Zero Trust and cloud-first architectural principles
- Lead the migration from legacy telephony environments toward modern cloud-based UCaaS and CCaaS solutions, ensuring continuity and end-user experience throughout the transition, and enabling the business to evolve customer interactions to improve efficiency and customer experiences
- Serve as a core member of the technology leadership team, contributing to the broader vision and strategy for the IT employee experience
- Build and retain a high-performing teams by fostering a culture of continuous learning, clear career development, and accountability.
- Champion solutions designed with the end user in mind — reducing friction without compromising control and ensuring security enables productivity rather than hindering it.
- Own financial planning, FinOps, and multi-year forecasting, ensuring investments are prioritized against risk reduction objectives and aligned with broader business goals.
- Perform all other duties and special projects as assigned
- Bachelor's degree or significant work experience in a related field
- 15+ years' experience at a senior management level, with multiple levels of reporting relationships strongly preferred
- 5+ years of deep, hands-on technical cybersecurity experience, providing a strong practitioner foundation to lead with credibility across security engineering, architecture, and operations
- Prior security leadership role, ideally at the CISO level
- Demonstrated ability to lead across multiple technology disciplines simultaneously, including teams and functions outside of direct security expertise, with broad knowledge spanning engineering, infrastructure, compliance, and operations
- Proven experience leading enterprise infrastructure operations, network architecture, and unified communications functions, with the ability to set strategy and hold operational accountability across those domains
- Experience managing and modernizing legacy technology environments, including compute, telephony and network platforms, toward modern cloud-based solutions
- Experience with contract and vendor negotiations and management, including managed services providers across security, infrastructure, network, and telecom
- Demonstrated experience ensuring compliance with privacy and security rules and regulations
- Knowledge of common information security management frameworks, including ISO/IEC 27001 and NIST, and the ability to apply them pragmatically across a complex enterprise environment
- Deep experience with cloud security architecture and governance, preferably in Azure, including identity, network security, and compliance controls in a hybrid enterprise environment
- Proven understanding of security controls and technologies including but not limited to SIEM, DLP, WAF, IPS, DevSec, endpoint protection, Zero Trust, etc.
- Strong knowledge of rules, regulations, and frameworks related to information security and data confidentiality, including PCI, NIST, and ISO 27001. FTC Safeguards, TISAX, and GDPR beneficial.
- Track record of building and scaling high-performing technical teams across security, infrastructure, and operations disciplines
- Master’s degree preferred
- Certified Information Systems Security Professional (CISSP) or similar
- Azure certifications such as AZ-305
- Familiarity with fleet management, automotive retail, or similarly regulated and operationally complex industry environments preferred
- Health Insurance
- Vision Insurance
- Dental Insurance
- Life and Disability Insurance
- Flexible Spending and Health Savings Accounts
- Employee Assistance Program
- 401(k) plan with Company Match
- Paid Time Off (PTO)
- Paid Holidays, Bereavement, and Jury Duty
- Paid Pregnancy/Parental leave
- Paid Military Leave
- Tuition Reimbursement
Temporary or Part-Time
In geographic areas with statutory paid sick leave, part-time and temporary employees will receive a paid sick leave benefit that meets the mandated requirements.
Pay:
We offer competitive wages that are commensurate with job-related skills, experience, relevant education or training, and geographic location, starting in the range of $275,430.00 - $426,915.00 USD annually for full time employees. The annual compensation range is comprised of base pay and bonus earnings.
Artificial Intelligence Statement
We recognize that applicants for positions at any organization may view AI tools for tasks such as drafting a resume or cover letter, provided the information is accurate and truthful. However, applicants should not use AI tools to:
- Answer interview questions on their behalf, or use AI tools in any way during the interview or other qualification process(es).
- Misrepresent or embellish qualifications, skills, or experience
- Create false or misleading representations of identity (e.g., deepfakes or altered images/videos)
Equal Opportunity Employment and Accommodations:
Holman provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
If you are a person with a disability needing assistance with the application process, please contact [email protected]
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search