Jobs · Information Technology

Vice President Information Technology

Neumo · Texas, United States · Yesterday
RemoteRemoteInformation Technology$500k/yrFull-time

Job Summary

Neumo is building a unified Information Security program across five lines of business and three legacy environments — Avenu, ITI, and GovOS. The CISO sets strategy and owns the board and executive relationship; the VP, Deputy CISO owns execution. This is a distinct, operational mandate: you run the program day to day, lead the four functional teams, make the working-level calls on tooling and process, and are personally accountable for the roadmap that gets us to SOC 1, SOC 2, PCI DSS, FedRAMP High, and GovRAMP.

Duties and Responsibilities

  • Directly manage the four functional leads — GRC, AppSec, Cloud/Vulnerability, and SecOps — setting priorities, removing blockers, and holding them accountable to delivery.
  • Run the operating cadence for the team: weekly leads sync, sprint/quarter planning, and performance management for direct reports.
  • Build a consistent operating model across the four functions so GRC, AppSec, Cloud/Vuln, and SecOps work from shared priorities rather than in silos.
  • Cross-Entity Execution: Resolve tooling and process decisions at the working level across Avenu, ITI, and GovOS. Own the standardization roadmap that brings three legacy environments onto common tooling, control sets, and operating procedures. Make the call and move the work forward when legacy entities disagree on approach.
  • Compliance Program Operations: Own the operational roadmap behind SOC 1 and SOC 2: continuous evidence collection, control owners, and audit readiness ahead of annual audits. Own PCI DSS operations: the annual assessment cycle plus quarterly scan cadence, remediation tracking, and scope management. Drive the FedRAMP High authorization effort and the parallel GovRAMP pursuit — both multi-year, high-cost programs (FedRAMP High alone typically runs 12–24 months and $500K–$1M+) — translating authorization requirements into workstreams, milestones, and owners. Maintain a single rolling roadmap across all frameworks so audit cycles, scan windows, and authorization milestones are sequenced, resourced, and visible — and don’t collide.
  • Report program status, risks, and resourcing needs to the CISO with enough detail to support executive and board reporting.
  • Serve as the day-to-day owner of external audit and assessment relationships (e.g., compliance advisory firms, QSAs, 3PAOs), keeping evidence requests, timelines, and findings moving. Manage tooling vendors supporting GRC, vulnerability management, and security operations, including renewal and consolidation decisions across the three legacy stacks.

Education and Experience

  • 10+ years in information security, with at least 4 years managing security teams or functional leads directly.
  • Direct experience operating through at least one SOC 2 or SOC 1 audit cycle and one PCI DSS assessment cycle as a control owner or program lead.
  • Experience with FedRAMP or GovRAMP authorization work — control implementation, SSP development, or 3PAO assessment support — strongly preferred.
  • Experience with vulnerability management platforms (e.g., Tenable) and WAF/cloud security tooling a plus.

Knowledge, Skills and Abilities

  • Track record of standardizing security tooling or process across multiple business units, products, or post-merger environments.
  • Comfortable making and owning tooling/process decisions without escalating every call upward — this role is judged on throughput, not just judgment.
  • Working knowledge of NIST CSF 2.0 and how it maps to GRC, AppSec, Cloud/Vuln, and SecOps functions.

Benefits

Neumo offers a competitive benefits and compensation package and are looking for team members who will thrive in our dynamic environment.

About Neumo

Neumo is an Equal Opportunity Employer. Selection for a position will be made without regard to race, religion, national origin, sex, political affiliation, marital status, non-disqualifying physical handicap, and age.

Similar jobs