VP of Security
- Posted 20 November 2023
- Salary 140000
- Location Reading
- Job type Permanent
- Reference 34626
- Contact Name Ellie O'Shea
Job description
Trident have partnered with a global trading platform in search of a VP of Security to be the SME for all things security.
You will be responsible for the IT security of well over 1200 endpoints, 200 on-prem and cloud applications and several hundred servers spread across 5 continents.
To be successful in this role, you must be intimately familiar with cloud technologies, coding, offensive and defensive security and security awareness.
What will you be doing?
● Create and implement, hands-on, an IT security vision, strategy, and roadmap that keeps our business secure, competitive and proactive. If you do not have the technical skills for the hands-on part, do not apply for this position.
● Lead and expand a global team of approximately 25 security engineers, researchers, analysts and awareness specialists in all aspects. Note the word global.
● Achieve and maintain level 4 in both the security maturity model and the security awareness maturity model. Think of incredibly cool projects and devious security awareness exercises!
● Work very closely with your counterparts in IT Administration, Disaster Recovery, IAM, DevOps, WinOps and IT Development to ensure that IT Security becomes part of the DNA of everything we do.
● Over-communicate the need for security at every opportunity!
Skills and qualifications
● 15+ years of leadership experience running security programs and teams in a mid-to-large-sized company. We expect you to be tried and tested with the battle scars to prove it.
● Extensive hands-on experience with cloud infrastructure, automation, containerization, DevSecOps, virtualization, etc.
● Real-world experience with penetration testing (white box, black box, and grey box). Ideally, you have been a bug bounty hunter in a past life.
● You can hold your ground during code reviews, and you are very familiar with secure coding practices. Also, you do not shy away from command line interfaces!
● Broad knowledge of social engineering threats and tests (phishing attacks, tailgating, dumpster diving, endpoint security, etc.)
● Exposure to compliance and regulatory frameworks (e.g. SOX, NIST, ISO 27001, PCI DSS)
● Excellent written and spoken English communication skills
Please apply below or reach out for more information!