VP Cyber Security

at ExecuNet
Location Chicago, IL
Date Posted September 4, 2021
Category Default
Job Type Full-time

Description

Job Description

Company is looking to mature our Attack Surface Reduction Program. To support that effort, we are looking for an experienced Cybersecurity leader who will be responsible for the NIQ attack surface program across all geographies and business units.

This key role requires extensive experience in enterprise level cybersecurity, technology and influence. Experience with the following processes; software security, cloud security, endpoint security, network security and vulnerability management is helpful. Experience leading change and implementing technology and critical controls across a global, diverse enterprise is required. The candidate will be a self-motivated, detail-oriented performer who has a strong desire to influence and the ability to create and execute an enterprise attack surface reduction program. This role has a high impact across the enterprise, and the selected candidate will engage with senior security, technology and business leaders.

What you 'll do

  • Create the vision, roadmap and execution plans for the attack surface reduction capability at Company
  • Responsible to attract, develop and retain a talented team of security professionals to achieve the goals of attack surface reduction
  • Create processes and leverage technology and service providers to support the goals of attack surface reduction
  • Ensure attack surface related to cloud, applications, network and endpoints is inventoried, reduced, monitored and protected
  • Achieve attack surface reduction through influence to reduce technical diversity and address vulnerabilities in commercial software and custom developed applications
  • Partner with enterprise architecture and security architecture to recommend new controls and architectures that embed security resilience into design and build activities
  • Contribute to hardening standards
  • Contribute to product development and design
  • Establish strong relationships, trust and credibility with key internal stakeholders and partners in enterprise technology, architecture and application development
  • Leverage automation to increase effectiveness and efficiency of detective controls
  • Perform data analysis to identify systemic weaknesses and inefficiency in control processes and recommend enhanced controls and automation (including policy as code) earlier in the lifecycle to reduce risk

We 're looking for people who have

  • Bachelor 's degree in a technical field including Computer Science, Information Systems, Math, Physics or similar desired - experience in government, military or in other capacities with similar focus can be substituted
  • Experience working with government or military including nation state and sophisticated cyber crime experience including knowledge of sophisticated hacking techniques, malicious actors, IOCs, TTPs and the ability to translate intelligence into action is highly desirable
  • Demonstrated engagement in security conferences, training, learning, associations is highly desired and fully supported
  • Self-starter, technology and security hobbyist, enthusiast
  • Life long learner with endless curiosity
  • Extreme ownership and desire to create change and move the needle along with the ability to execute with discipline
  • Experience pen-testing, red-teaming, living off the land techniques, and chaining exploits
  • Relentless focus on security, fearless to challenge the status quo (diplomatically)
  • Exposure to incident response, cyber investigations, forensic analysis, engagement with law enforcement related to cyber crime
Drop files here browse files ...