This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a VP of Information Security based in United States.
This senior leadership role defines and executes a modern, business-aligned information security strategy across a primarily Microsoft-based cloud environment. It combines strategic security governance with hands-on oversight of cloud architecture, resilience, and operational reliability. The role is central to ensuring systems are secure, observable, and continuously improving while supporting business growth. You will work closely with internal technology teams, external vendors, and managed service providers to deliver scalable and accountable security operations. The position also plays a key role in shaping incident response maturity, compliance readiness, and enterprise-wide risk management. This is a highly visible role that bridges executive leadership and technical execution, with direct impact on organizational resilience and trust.
Accountabilities:
- Lead and evolve a risk-based information security program aligned with business priorities, ensuring security controls balance protection, usability, and performance.
- Translate complex security and risk scenarios into clear, actionable recommendations for executive leadership and stakeholders.
- Oversee cloud security architecture across Microsoft environments, ensuring secure identity and access management, configuration standards, and resilient system design.
- Partner with managed service providers and internal IT teams to ensure secure, scalable, and fault-tolerant infrastructure operations.
- Drive observability strategy by improving monitoring, logging, alerting, and defining key security and reliability metrics (incident response, vulnerabilities, uptime, performance).
- Lead incident response activities end-to-end, including coordination, root cause analysis, remediation, and long-term corrective actions.
- Manage MSP performance across security operations, vulnerability management, alert triage, and end-user support functions with clear SLAs and accountability.
- Oversee compliance and audit activities (including SOC / SSAE 18), ensuring policies, standards, and documentation reflect actual risk posture.
- Co-own business continuity and disaster recovery planning, ensuring ongoing testing and continuous improvement.
- Strengthen vendor and third-party risk management practices while fostering a practical, organization-wide security culture and awareness.
Requirements
- 7–12+ years of experience in information security, cloud security, or related technology leadership roles.
- Strong expertise in Microsoft security ecosystems, including Azure and Microsoft 365 architecture and security controls.
- Proven experience in incident response, security operations, monitoring, and cloud infrastructure reliability.
- Familiarity with automation, infrastructure-as-code concepts, and modern cloud operations practices.
- Experience managing external vendors or MSPs with accountability for performance, SLAs, and operational outcomes.
- Working knowledge of SOC audits, SSAE 18 frameworks, and regulated or compliance-driven environments.
- Demonstrated ability to operate at both strategic and hands-on technical levels in a fast-paced environment.
- Strong leadership, communication, and stakeholder management skills, with the ability to influence across technical and executive audiences.
- Pragmatic mindset with the ability to balance security rigor, operational efficiency, and business needs.
Benefits
- Competitive annual compensation (approximately $130,000 base salary).
- Fully remote work arrangement within the United States.
- Opportunity to shape and lead a high-impact enterprise security program.
- Collaboration with executive leadership and cross-functional technology teams.
- Exposure to modern cloud, Microsoft, and security operations environments.
- Responsibility for both strategic decision-making and hands-on architectural influence.
- Professional growth in a leadership role with expanding scope and visibility.