VP, Chief Information Security Officer
The VP, Chief Information Security Officer serves as the senior leader within the IT security and controls function. The position has the responsibility to build and lead a high performing team to define an enterprise-wide cyber security program and risk strategy by providing full oversight, strategic direction, and technical leadership. Key responsibilities for this role will be operational and strategic and will require collaboration, relationship building and teamwork with leaders across the enterprise. The ideal candidate is an innovative thought leader adept at building consensus within a complex, high growth organization while integrating solutions, people, and processes.
The VP, Chief Information Security Officer will report to the Chief Information Officer and will be part of the IT leadership team. The position is based in Broomfield and will be responsible for a team.
WHAT YOU'LL DO
- Lead and develop a Security team responsible for standards, governance, policies, procedures, compliance
- Champion and Lead on our Cybersecurity Program
- Responsible for developing and executing IT Security Program strategic vision and roadmap
- Ensure compliance and adherence to SOX, PCI and Identity Theft Laws as well as company / industry best practices
- Build excellent relationships through strong interpersonal skills and educate on “Why” to influence advancement of Security strategy
- Prioritize and implement security initiatives to protect the business and brand while allowing for speed and flexibility of enterprise objectives
- Responsible for IT Security Projects while meeting project timelines and staying on budget
- Oversee, create, and document technology procedures and controls to assure compliance with applicable regulatory and legal requirements
- Provide security oversight of 3rd parties and contractors with regards to accessing enterprise systems and services
- Advance formal risk analysis and assessment programs for all new and existing IT system
- Manage IT Security vendors, contractors, consultants, and external teams and hold them accountable to performance expectations and service level agreements including 3rd party vendors for testing programs.
- Accountable to proactively monitor for intrusion attempts and all other security threats and implement practices to safeguard the enterprises data and technology assets
- Key stakeholder for security breaches and incidents associated with all systems and services
- Oversee and maintain incident response plan, security training and awareness strategy
- Collaborate with Internal Audit, General Counsel and Risk Management to remediate new and outstanding issues
- Work with business leaders and staff on data classification, security requirements and exposure mitigation steps
- Maintain a framework that allows for flexible adherence to regulatory requirements as it applies to platform technologies
- Develop and maintain a risk matrix of potential threats to the enterprises existing platform and data.
- Promote and advocate enterprise-wide security awareness programs
- Maintain expertise on security trends through training, research, and development to mitigate potential security exposures
- Participate in gathering information to support legal or HR investigations
- Provide regular Security updates to Executive Team and Board of Directors on an as needed basis.
WHAT YOU BRING TO THE TABLE
- Education: Bachelor’s degree in Computer Science or related filed is required. Professional experience, beyond requirement, in a related field may substitute for a Bachelor’s degree requirement on a year for year basis.
- Experience: Fifteen (15) years of experience leading an information security team in a global company including working experience in retail is required.
Knowledge, Skills, and Abilities:
- Demonstrated positive business impact through the use of technology
- Experience ranging from Strategic Planning to driving daily operations
- Ability to influence at all levels of the organization
- Excellent verbal and written communication skills.
- Demonstrated strong leadership skills and high emotional intelligence
- Experience with multiple labor models (shared services/onshore/offshore).
- Solid experience with:
- Large project management
- Budget development and management
- Team development and retention
- Vendor Assessment and Management
Crocs is an Equal Opportunity Employer committed to a diverse and inclusive work environment.
Career Level: CL10
Salary Range: $275,000 - $300,000
Workplace Persona: Collaborator (hybrid work schedule; in office 60-80%)
This position is eligible to participate in a company incentive program.
This position is eligible for company benefits including but not limited to medical, dental, and vision coverage, life and AD&D, short and long-term disability coverage, paid time off, employee assistance, participation in a 401k program that includes company match, and many other additional voluntary benefits.