VP, Security & Compliance
About the role
The VP, Security & Compliance role is responsible for shaping and advancing an enterprise-wide security and compliance strategy in a rapidly evolving technology environment. This role combines cybersecurity expertise, AI risk management, regulatory oversight, and strategic business partnership.
Responsibilities
Define and execute the enterprise security strategy, including security roadmaps, investment priorities, governance models, and alignment with business objectives.
Lead security governance initiatives, including Zero Trust architecture, vulnerability management, threat intelligence, and incident response programs.
Develop and manage AI security governance frameworks, including risk assessments, policies, controls, and responsible AI practices.
Establish safeguards for emerging AI risks such as prompt injection, data exposure, model vulnerabilities, and adversarial threats.
Oversee compliance programs and certifications, including SOC 2 Type II, ISO 27001, GDPR, CCPA/CPRA, and HIPAA requirements where applicable.
Manage security audits, regulatory assessments, third-party risk programs, and remediation initiatives.
Lead Security Operations Center (SOC) strategy, including monitoring, detection, response processes, SIEM/SOAR optimization, and operational metrics.
Partner with technology, product, engineering, and data teams to integrate security into software development, cloud architecture, and enterprise initiatives.
Serve as a security advisor for major technology programs, migrations, product initiatives, and strategic business projects.
Present security posture updates, risk assessments, and compliance insights to executive leadership and board-level stakeholders.
Requirements
The ideal candidate is a senior cybersecurity leader with extensive experience building and scaling security programs in complex, highly regulated, or data-intensive environments.
This professional should combine strong technical expertise with executive communication skills and the ability to influence cross-functional teams.
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field required; graduate degree preferred.
15+ years of progressive experience in information security, cybersecurity, risk management, or related disciplines.
5+ years of experience leading security and/or compliance teams of six or more professionals.
Proven success building or maturing enterprise security programs within Fortune 500, private equity-backed, financial services, healthcare, technology, or similarly regulated environments.
Strong experience with AI/ML security, including securing AI deployments, generative AI solutions, LLM environments, and model risk management frameworks.
Deep cloud security expertise across AWS, Azure, and/or GCP, including IAM, cloud-native security tools, and multi-cloud governance.
Demonstrated ownership of major compliance programs, audits, and security frameworks such as SOC 2, ISO 27001, GDPR, and CCPA.
Hands-on experience with SIEM/SOAR platforms, EDR solutions, security automation, and SOC operations.
Strong knowledge of data protection technologies, including DLP solutions, data classification, and sensitive data management.
Experience with vulnerability management, CVE lifecycle processes, security assessments, and remediation planning.
Understanding of modern data architectures, cloud data platforms, SaaS applications, APIs, and enterprise application security.
Familiarity with AI governance frameworks such as NIST AI RMF and emerging AI regulatory requirements.
CISSP certification strongly preferred; CISM, CISA, CCSP, CRISC, or equivalent certifications are valuable.
Exceptional executive presence with the ability to communicate complex security topics clearly to technical and non-technical audiences.
Strategic mindset with strong problem-solving skills and the ability to operate effectively in fast-changing environments.
Collaborative leadership style with experience influencing teams across technology, product, engineering, legal, and business functions.
Benefits
Competitive base salary range of approximately $200,000-$220,000 annually, depending on experience, skills, qualifications, and location.
Potential eligibility for a discretionary incentive program.
Comprehensive medical and other benefits based on employment status.
Flexible work environment with remote and home office options.
Opportunity to lead enterprise-wide security transformation initiatives with significant business impact.
Chance to work with advanced technologies including cloud platforms, AI systems, and modern data environments.
Collaborative culture focused on innovation, ownership, inclusion, and professional growth.
Opportunities to develop leadership capabilities and contribute to strategic organizational initiatives.