VP/CISO, Information Security
Eagleview · United States · Yesterday
RemoteRemoteConsultingFull-time
Responsibilities
- Define and execute the enterprise security vision, strategy, and multi-year roadmap aligned to business and technology priorities.
- Build and lead a comprehensive, risk-based information security program across infrastructure, applications, and data.
- Serve as the primary executive security advisor to the CIO and leadership team.
- Provide hands-on technical leadership in architecture decisions, risk tradeoffs, and incident response.
- Act as the executive leader during security incidents and crisis events.
- Lead end-to-end incident response, including investigation, containment, recovery, and communication.
- Establish and continuously improve: Incident response playbooks, escalation and communication models, tabletop exercises and readiness programs.
- Ensure rapid, coordinated response across engineering, infrastructure, legal, and business teams.
- Oversee and contribute to the design and implementation of security controls, including cloud security, identity and access management, application security, and data security.
- Improve vulnerability management and remediation velocity, detection, monitoring, and response capabilities, security tooling effectiveness and cost efficiency.
- Serve as the technical escalation point for complex security issues.
- Define and lead the AI security and governance framework, including model risk management, secure AI/ML development and deployment practices, and data security for AI pipelines.
- Partner with Enterprise Data & AI teams to ensure governance, auditability, and risk controls for AI systems, and integrate AI-related risks into the enterprise risk management program.
- Own and lead the GRC function, including direct management of 2 GRC team members.
- Define and maintain security policies, standards, and procedures.
- Lead all audit and compliance activities, including customer and regulatory requirements.
- Oversee vendor risk management, regulatory compliance (e.g., SOC2, GDPR, HIPAA), and security reporting and risk metrics.
- Support customer and prospect security due diligence, audits, and questionnaires.
- Partner with product, engineering, and GTM teams to ensure security is a business enabler.
- Represent Eagleview externally on security posture and capabilities.
- Build and develop a high-performing cybersecurity organization.
- Address capability gaps through hands-on leadership, hiring, and coaching.
- Drive security awareness and training programs across the company.
- Establish a strong security-first culture across engineering and business teams.
Qualifications
- Prior experience in a senior Information Security leadership role with responsibilities comparable to a CISO, Deputy CISO, or VP of Information Security.
- 15+ years of experience in enterprise cybersecurity, including cloud-based environments.
- Proven experience leading SOC 2 Type 2 (or equivalent) certification programs end-to-end.
- Strong hands-on experience across: Cloud security (AWS), application security / DevSecOps, identity and access management, security operations and incident response.
- Demonstrated experience leading security incidents and crisis management.
- Experience leading GRC, compliance, and risk programs.
- Certifications preferred (CISSP, CISM, GIAC).
- Bachelor’s degree required.
- Preferred experience with AI/ML security, data governance, or model risk management.
- Advanced degree preferred.