VP of Security

Posted 09 February 2024
Job type Permanent
Discipline Cyber Defence

Job description

Trident search have partnered with a global trading platform in search of their VP of Security.

You will be responsible for the IT security of well over 1000 endpoints, 250 on-prem and cloud applications and several hundred servers spread across 5 continents.
To be successful in this role, you must be intimately familiar with cloud technologies, coding, offensive and defensive security and security awareness.
You will spend a lot of time standing in the trenches with your global team of security engineers, researchers and analysts, knee-deep in reality, finding and fixing our pain points. 

What will you be doing?
● Create, advocate for and implement, hands-on, an IT security vision, strategy, and roadmap that keeps our business secure, competitive and proactive.
● Manage (and expand!) a global team of approximately 25 security engineers, researchers, analysts and awareness specialists in all aspects. Note the word global.
● Achieve and maintain level 4 in both the security maturity model and the security awareness maturity model. Think of incredibly cool projects and devious security awareness exercises!
● Work very closely with your counterparts in IT Administration, Disaster Recovery, IAM, DevOps, WinOps and IT Development to ensure that IT Security becomes part of the DNA of everything we do.

Skills and qualifications
● 15+ years of leadership experience running security programs and teams in a mid-to-large-sized company. We expect you to be tried and tested with the battle scars to prove it.
● Extensive hands-on experience with cloud infrastructure, automation, containerization, DevSecOps, virtualization, etc.
● Real-world experience with penetration testing (white box, black box, and grey box). Ideally, you have been a bug bounty hunter in a past life.
● You can hold your ground during code reviews, and you are very familiar with secure coding practices. Also, you do not shy away from command line interfaces!
● Broad knowledge about social engineering threats and tests (phishing attacks, tailgating, dumpster diving, endpoint security, etc.)
● Exposure to compliance and regulatory frameworks (e.g. SOX, NIST, ISO 27001, PCI DSS)
● Excellent written and spoken English communication skills