VP Information Security
VP Information Security Location:
Salt Lake City, UT The VP, Information Security leads and oversees all cybersecurity and compliance programs for NICE CXone. Develop security strategy, policies, procedures, technical controls, and implementation plans to safeguard all networked environments and product applications. Develop, train, and lead information security divisions that consist of vulnerability management, risk remediation, cybersecurity operations centers, auditing and compliance, and security engineering teams. Provide market cybersecurity assurance in leading information security and data privacy contract administration and vendor security management. Lead the Trust Office management team to shape the direction of company security and compliance strategies. Partner with operations, R&D, and product teams to incorporate cybersecurity programs within highly elastic cloud-based infrastructures to reduce threat vectors, ensure data privacy protection controls, minimize incident response times, and enhance security detection parameters. Partner with sales and account management teams to facilitate security and compliance transparency with NICE CXone partners and customers, ensuring the market is equipped to trust the company as their service provider and partner. Implement and lead information security compliance strategy to align with enhanced technical security programs. Incorporate experienced audit control knowledge across multiple regulatory frameworks and industry practices. Manage and direct penetration tests across all networks and applications to mitigate threat vectors and remediate discovered vulnerabilities in accordance with corporate security policies. Lead company's vulnerability management and continuous monitoring programs across operations, R&D, and product teams. Collaborate with key security vendor partners to facilitate cybersecurity platform performances. Lead NICE CXone's uptime monitoring programs for high availability reporting. As a VP Information Security, a Typical Day Might Include the Following:
Provide technical security leadership to define and enable Trust Office goals and objectives. Develop and sustain Trust Office teams to safeguard corporate networks while sustaining compliance objectives. Develop global regulatory and industry auditing programs with Trust Office auditing and compliance staff. Budget and procure security solutions, compliance solutions, and third-party/QSA audits. Achieve and sustain compliance success in coordination with adjacent operations offices across multiple regulatory and industry applied information security and data privacy audits. Leads, supervises, and works with Trust Office Managers to sustain security and data privacy goals while developing leadership skills and mentoring management staff. Stay current on industry developments to identify emerging security technologies, risks and trends to ensure our systems keep pace with security technology and risk landscape evolution. Chairs and leads company's Vulnerability Remediation Control Board, in collaboration with operations, R&D, and product leadership. Demonstrate technical security knowledge and skills to administer cybersecurity strategy and achieve security transparency within the marketplace. Collaborate with partners and customers to educate, align, and/or incorporate security controls within networked environments and product application suites. Maintain the highest level of personal certification, integrity and objectivity, following the company Code of Ethics and Nice inContact policies and procedures at all times. To Land This Gig You'll Need:
Bachelor's Degree in Computer Science, Business Information Systems, Information Systems Security or related field or equivalent work experience. 10
years of being a cybersecurity or data privacy technical practitioner 7
years of leading technical security teams within information security programs/offices 5
years of leading IT compliance teams with multiple auditing programs 5
years of working in an executive or strategic leader/managerial role over technical teams Experience leading cybersecurity programs in a SaaS-enabled infrastructure, to include the following operations:
Vulnerability Management Risk-Score and Threat Vector Mapping/Analysis Penetration Testing (white box, black box, and crystal box) Continuous Monitoring and Logging Analysis/Inspection Incident Response Malware Analysis and Digital Forensics Security Engineering and Toolset Orchestration Code Static and Dynamic Scanning Applications Data Loss Prevention Experience and technical familiarity with the following data privacy and information security global compliance frameworks:
PCI-DSS SOC 2 GDPR CCPA ISO 27001 ISO 27017 ISO 28018 ISO 27701 FedRAMP CSA-ASD MaRisk A strong bias towards automation and innovative thinking Experience with, and strong knowledge of, modern security technologies (e.g. SIEM, EDR/EPP, AV, and DLP) Knowledge of web application security principles and experience securing modern, large-scale web environments The ability to build cross-functional partnerships with teams outside of security to accomplish security objectives, improve awareness and gain stakeholder buy-in Experience with customer information security contract administration and market communication Excellent communication skills, both written and oral Bonus
Experience:
Certifications in information security or related field (one or more preferred):
CISSP CISM CISA CRISC CEH CCISO Experience managing a team of direct and indirect reports in multiple geographic locations. Strong knowledge of SaaS security architecture and security embedded within telecommunication services In depth understanding of Security System Development Lifecycle controls and programs (e.g. DevSecOps) within CICD pipelines Experience executing and leading penetration testing methodologies across elastic infrastructureExperience in all phases of HR including benefits, training, employee relations etc. Strong understanding of SAAS based solutions, Agile Software Development Methodology and SDLC, Networking and Telecom Connectivity Demonstrated expertise in candidate evaluation practices and methods ABOUT NICE CXone:
NICE CXone makes it easy and affordable for organizations around the globe to provide exceptional customer experiences while meeting key business metrics. NICE CXone provides the world's #1 cloud customer experience platform, NICE CXone(TM), combining best-in-class Omnichannel Routing, Workforce Optimization, Analytics, Automation and Artificial Intelligence on an Open Cloud Foundation. NICE CXone is a part of NICE (Nasdaq:
NICE), the worldwide leading provider of both cloud and on-premises enterprise software solutions.
Salary Range:
$250K -- $500K+
Minimum Qualification
IT Security, Technology ManagementEstimated Salary: $20 to $28 per hour based on qualifications.
Salt Lake City, UT The VP, Information Security leads and oversees all cybersecurity and compliance programs for NICE CXone. Develop security strategy, policies, procedures, technical controls, and implementation plans to safeguard all networked environments and product applications. Develop, train, and lead information security divisions that consist of vulnerability management, risk remediation, cybersecurity operations centers, auditing and compliance, and security engineering teams. Provide market cybersecurity assurance in leading information security and data privacy contract administration and vendor security management. Lead the Trust Office management team to shape the direction of company security and compliance strategies. Partner with operations, R&D, and product teams to incorporate cybersecurity programs within highly elastic cloud-based infrastructures to reduce threat vectors, ensure data privacy protection controls, minimize incident response times, and enhance security detection parameters. Partner with sales and account management teams to facilitate security and compliance transparency with NICE CXone partners and customers, ensuring the market is equipped to trust the company as their service provider and partner. Implement and lead information security compliance strategy to align with enhanced technical security programs. Incorporate experienced audit control knowledge across multiple regulatory frameworks and industry practices. Manage and direct penetration tests across all networks and applications to mitigate threat vectors and remediate discovered vulnerabilities in accordance with corporate security policies. Lead company's vulnerability management and continuous monitoring programs across operations, R&D, and product teams. Collaborate with key security vendor partners to facilitate cybersecurity platform performances. Lead NICE CXone's uptime monitoring programs for high availability reporting. As a VP Information Security, a Typical Day Might Include the Following:
Provide technical security leadership to define and enable Trust Office goals and objectives. Develop and sustain Trust Office teams to safeguard corporate networks while sustaining compliance objectives. Develop global regulatory and industry auditing programs with Trust Office auditing and compliance staff. Budget and procure security solutions, compliance solutions, and third-party/QSA audits. Achieve and sustain compliance success in coordination with adjacent operations offices across multiple regulatory and industry applied information security and data privacy audits. Leads, supervises, and works with Trust Office Managers to sustain security and data privacy goals while developing leadership skills and mentoring management staff. Stay current on industry developments to identify emerging security technologies, risks and trends to ensure our systems keep pace with security technology and risk landscape evolution. Chairs and leads company's Vulnerability Remediation Control Board, in collaboration with operations, R&D, and product leadership. Demonstrate technical security knowledge and skills to administer cybersecurity strategy and achieve security transparency within the marketplace. Collaborate with partners and customers to educate, align, and/or incorporate security controls within networked environments and product application suites. Maintain the highest level of personal certification, integrity and objectivity, following the company Code of Ethics and Nice inContact policies and procedures at all times. To Land This Gig You'll Need:
Bachelor's Degree in Computer Science, Business Information Systems, Information Systems Security or related field or equivalent work experience. 10
years of being a cybersecurity or data privacy technical practitioner 7
years of leading technical security teams within information security programs/offices 5
years of leading IT compliance teams with multiple auditing programs 5
years of working in an executive or strategic leader/managerial role over technical teams Experience leading cybersecurity programs in a SaaS-enabled infrastructure, to include the following operations:
Vulnerability Management Risk-Score and Threat Vector Mapping/Analysis Penetration Testing (white box, black box, and crystal box) Continuous Monitoring and Logging Analysis/Inspection Incident Response Malware Analysis and Digital Forensics Security Engineering and Toolset Orchestration Code Static and Dynamic Scanning Applications Data Loss Prevention Experience and technical familiarity with the following data privacy and information security global compliance frameworks:
PCI-DSS SOC 2 GDPR CCPA ISO 27001 ISO 27017 ISO 28018 ISO 27701 FedRAMP CSA-ASD MaRisk A strong bias towards automation and innovative thinking Experience with, and strong knowledge of, modern security technologies (e.g. SIEM, EDR/EPP, AV, and DLP) Knowledge of web application security principles and experience securing modern, large-scale web environments The ability to build cross-functional partnerships with teams outside of security to accomplish security objectives, improve awareness and gain stakeholder buy-in Experience with customer information security contract administration and market communication Excellent communication skills, both written and oral Bonus
Experience:
Certifications in information security or related field (one or more preferred):
CISSP CISM CISA CRISC CEH CCISO Experience managing a team of direct and indirect reports in multiple geographic locations. Strong knowledge of SaaS security architecture and security embedded within telecommunication services In depth understanding of Security System Development Lifecycle controls and programs (e.g. DevSecOps) within CICD pipelines Experience executing and leading penetration testing methodologies across elastic infrastructureExperience in all phases of HR including benefits, training, employee relations etc. Strong understanding of SAAS based solutions, Agile Software Development Methodology and SDLC, Networking and Telecom Connectivity Demonstrated expertise in candidate evaluation practices and methods ABOUT NICE CXone:
NICE CXone makes it easy and affordable for organizations around the globe to provide exceptional customer experiences while meeting key business metrics. NICE CXone provides the world's #1 cloud customer experience platform, NICE CXone(TM), combining best-in-class Omnichannel Routing, Workforce Optimization, Analytics, Automation and Artificial Intelligence on an Open Cloud Foundation. NICE CXone is a part of NICE (Nasdaq:
NICE), the worldwide leading provider of both cloud and on-premises enterprise software solutions.
Salary Range:
$250K -- $500K+
Minimum Qualification
IT Security, Technology ManagementEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
