VP, Chief Information Security Officer at Q2
The Chief Information Security Officer serves as the process owner of all assurance activities related to the availability, integrity, privacy and confidentiality of customer, business partner, employee and business information in compliance with the organization's information security policies. A key element of the CISO's role is working with leaders and stakeholders across the organization to determine acceptable levels of risk based on industry best practices, governmental regulations, and customer requirements and expectations. This position is responsible for establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected.
- Develops and directs the organization's security and compliance functions to mitigate loss and risks.
- Responsible for the development, implementation and monitoring of a strategic, comprehensive enterprise information security and IT risk management program, including application security, external security, physical security and internal security.
- Ensures a standard consistent approach is deployed and maintained for Q2’s compliance programs.
- Ensures customer satisfaction by meeting Q2’s clients compliance and due diligence requirements.
- Works directly with the business units to facilitate assessments on Q2’s security and compliance posture.
- Understands and interacts with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
- Oversees and ensures business continuity plans and disaster recovery plans are present, tested and meet FFIEC requirements.
- Responsible for ensuring teams meet requirements for Q2’s annual security & privacy training.
- Monitors organizational operations and each financial system and evaluates their efficiency, effectiveness of controls, accuracy or records, and compliance with internal corporate policies and procedures and external laws and government regulations.
- Measure and evaluates the effectiveness and efficiency of business practices and operations, the process of deterring and investigating fraud, and the safeguarding of company assets.
- Ensures standard consistent approach is maintained with controls for organization's business system to ensure reliability of the system and integrity of the data.
- Provides counsel and advice to company leadership regarding security, audit, and compliance initiatives.
- Provides reports on a regular basis and as directed or requested, to keep the Risk Audit Compliance Committee of the Board and senior management informed of the operation and progress of security, risk and compliance efforts.
- Serves as a security advisor during overall business technology planning, providing a current knowledge and future vision of technology and systems
- Typically requires a bachelor’s degree in Business Administration or Technology and a minimum of 20 years of related experience; or an advanced degree with 15+ years of experience; or equivalent relevant work experience. Typically requires 10+ years managing and developing employees.
- Professional security management certification
- Minimum of 15 years of experience in a combination of compliance, information security and IT jobs
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST.
- Maintains a level of executive presence combined with excellent written and verbal communication skills, with high level of personal integrity
- Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
- Business Continuity Planning experience including Disaster Recover and Incident Response and Handling.
- Experience with contract and vendor negotiations and management including managed services.
- Specific experience in Agile (scaled) software development or other best in class development practices.
Experience with Cloud computing/Elastic computing across virtualized and containered environments
At Q2, our goal is to be a diverse and inclusive workforce that fosters mutual respect for our employees and the communities we serve. Q2 is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.