Vice President and Product Owner, Information Security – Continuous Controls Monitoring
Prudential Financial · Newark, NJ · 2 wk ago
Marketing$193k–$289k/yrFull-time
About the role
As Vice President and Product Owner, Information Security – Continuous Controls Monitoring, you will set the strategic direction for secure baselines for infrastructure and application security across all of Information Security, identifying cross-functional automation opportunities and developing scalable solutions to monitor risk and verify compliance.
Responsibilities
- Set the strategic direction for secure baselines for infrastructure and application security across all of Information Security, identifying cross-functional automation opportunities and developing scalable solutions to monitor risk and verify compliance.
- Lead the enterprise capability to define, enforce, monitor and automatically validate the security posture of every compute surface the business runs on – physical and virtual servers, domain controllers, network platforms, SaaS platforms/applications, containers, Kubernetes workloads, endpoints, databases and host-based DMZ enforcement points.
- Own the standard, strategy, roadmap, backlog and outcomes of an internal product treated as an integrated platform – one that converts policy and framework requirements (NIST-800-53 Rev 5, CIS Benchmarks, SOC2, PCI/DSS, DORA, NIST AI RMF) into machine enforceable controls with automated, audit-grade evidence collection.
- Partner with delivery and engineering organizations on alignment of plans.
- Translate the Secure baseline security standard into defined control monitoring and enforcement plans.
- Drive coverage so each control has defined tests, an automated evidence collector, defined frequency, remediation ownership and an exception path.
- Promote a collaborative, learning-driven culture that adapts quickly to change and fosters innovation.
Requirements
- Must have 10+ years in Cybersecurity, infrastructure security, including 5+ years in Senior leadership of a security, platform, controls or compliance engineering function.
- Must have certifications such as CISSP, CISM, CCSP, CISA, GIAC (GCCC, GCSA) or AWS/Azure security specialty.
- Must have experience with agile development methodologies and Test-Driven Development (TDD).
Qualifications
- Must excel at leading multi-disciplinary teams of security engineers, infrastructure/platform engineers, Cloud engineering, IAM, Audit/compliance and DevOps.
- Must be able to communicate in a way to simplify complex issues across executive leadership, stakeholders and business partners.
Skills
- OWASP Top 10, OWASP LLM Top 10, OWASP Agentic Top 10
- Regulatory frameworks (NIST-800-53 Rev 5, CIS Benchmarks, SOC2, PCI/DSS, DORA, NIST AI RMF, AWS/Azure)
- ServiceNow Configuration Compliance
- Vulnerability Scanners (Qualys) and CSPM/CNAPP Tools (Wiz)
- Compliance Tools (Guardium)
- Hardening Capabilities (BigFix, Chainguard)
Benefits
Specific pricing for the role may vary within the above range based on many factors including geographic location, candidate experience, and skills.
Pay
$192,900.00 to $289,300.00
Schedule
N/A