VP, Chief Information Security Officer
Scope & Duties:
- Utilize existing current controls and policies and industry standards such as NIST and FFIEC to manage a formal information security program.
- Drive reduction of information security and cyber security risk within the organization and facilitating the alignment of the business areas with regulatory expectations and best practices.
- Facilitate the continued improvement in information security and cyber security risk management and culture across Kasasa, through the continual refinement and implementation of the Information Security and Cyber security Framework.
- Build and maintain relationships with various functions within Kasasa, including Sales, Marketing, Operations, Product Development, IT Group. Provide training and guidance to business areas on Information Security/Cyber security and ensure risk events are identified, reported, and managed. Develop and maintain close working relationships with team members and collaborate on projects.
- Focus on data security by developing and strengthening internal controls to prevent unauthorized and improper access to data, thereby ensuring the appropriate protection of information assets. Appropriately protect the confidentiality, integrity and availability of information assets.
- Develop a best practice disaster recovery program to ensure technology availability and safety for employees.
- Provide oversight for developing, implementing and managing the enterprise technology Disaster Recovery program to ensure timely technology operations recovery following an interruption in service caused by a technology system outage or declared disaster.
- Develop communication strategies for training & educating employees of cyber security initiatives.
- Provide management oversight to all activities related to technology compliance with regulatory as well as audit requirements, ensuring that technology best practices are being followed for Information Security and Disaster Recovery.
- Develop and manage budgets associated with compliance , information security
- Manage a small team of audit and security resources, including performance management, salary administration, succession planning and workload balancing.
Education & Professional certifications
- 10+ years of progressive leadership experience in computing and information security.
- Bachelor degree in either STEM related fields or management.
- Advanced degree in technology or management preferred.
- One or more of the following certifications:
Desired Experience & Traits
- Strong technical skills along with strong communication skills at all levels.
- A track record in the successful management of programs and people, both internal and external, as well as demonstrated complex program/project/vendor management skills.
- Agile, versatile, flexible and the ability to work with constantly changing/evolving priorities.
- Significant experience with technology in one if the following roles : software developer, architect, technology infrastructure management or Information Technology management.
- 5+ years of strong hands-on experiences and technical depth in one, or more technology areas, including Data security, Infrastructure security, Endpoint/Platform security, Distributed Technologies, Replication technology, Cloud or Application Security.
- Experience building controls and policies against Banking and/or payments industry security standards such as FFIEC, PCI.
- Prior experience working with external auditors and regulators as firm representative for cyber security standards.
- Experience developing and enforcing an enterprise information security program.
- Experience with information security controls for cloud based infrastructure such as Amazon Web Services (AWS).
- Strong understanding of cryptographic technologies.
- Knowledge of applicable practices and laws relating to data privacy and protection.
Meet Some of Kasasa's Employees
Marketing Operations Program Manager
Mission-bound to scale Kasasa's financial technology exponentially, Cristina promotes the company's innovative banking services to local financial institutions.
Back to top