ID.me

  • Vice President of Information Assurance

    Location : Location US-VA-McLean
    Engineering
  • Overview

    ID.me is looking for a Vice President of Information Assurance. Reporting to the Chief Executive Officer, the Vice President of Information Assurance will be accountable for defining strategy and governing principles for information assurance, security, regulatory compliance, vendor and risk management, as well as overseeing specific goals, objectives, and execution plans to deliver the strategy. Responsibilities include implementing, administering, validating and enforcing policies and systems to assure reliability, confidentiality, integrity, and compliance software and systems, managing all aspects of governance architecture, and overseeing all applicable audits and certification efforts.  


    Our ideal candidate will have hands-on knowledge & experience with industry-leading technologies and products supporting information security, cybersecurity, data privacy, risk management, and compliance, and have experience working with key government and industry-based regulations, standards, and implementation framework such as NIST 800-63-3, NIST 800-53, ISO27001, FICAM, HIPAA and FedRamp.

    Responsibilities

    • Performs information technology (IT) and Business Unit operational governance functions and internal/external audit facilitation and coordination.
    • Leverages the ISO 27001 ISMS methodology to coordinate and deliver a security program that complies with multiple information security regulatory, certification, and guidelines.
    • Develops and maps out security policies, standards, and procedures to industry or regulatory requirements across the businesses.
    • Researches, implements and maintains third-party risk assessment technology solutions to track and manage the compliance of each business against the information security policies, standards, and procedures.
    • Supports the product team in evaluating, selecting & managing vendors and data providers.  
    • Partners with product and engineering stakeholders to implement new tools and vendors.
    • Tracks, monitors and resolves internal and external issues and incidents.
    • Leads the effort in identifying and evaluating the organization’s risk areas and provides input and solutions to the leadership team and key stakeholders.
    • Facilitates internal and external audits by coordinating field work-data collection between Auditors and Business Unit’s process/control owners.
    • Acts as liaison with IT business partners and business process or data owners to ensure full understanding of data flow, data integrity, and system security.
    • Assesses information technology control elements to mitigate IT risks regarding the confidentiality, integrity, and availability of business information.
    • Provides or assists in providing training, coaching and guidance to process/control owners in conducting IT audits and other IT audit-related issues.

    Qualifications

    • 10+ years of professional experience in the information security field.
    • CISSP, CISA, CRISC or equivalent certifications strongly preferred.
    • Information Security experience in multiple security areas including; network security, application security, server compliance, policy and standards management, and/or identity management.
    • Must have experience with compliance and risk assessment methodologies including or similar to ISO 27001 and FICAM.
    • Experience in performing new systems development audits, or related work experience.
    • Experience with working and interfacing with IT, Product Development and Engineering personnel.
    • General knowledge of elements of IT infrastructure, applications, and support.
    • Strong project management experience with managing multiple large to medium sized projects.
    • Strong ability to analyze and understand business and technology needs.
    • Demonstrated experience of managing multiple vendors.
    • Leadership abilities with running multiple projects.
    • Ability to create and update documentation of policies, standards, and procedures.
    • Strong audit management, coordination, and response experience.
    • Must have excellent project management experience and leadership skills to manage and work on multiple ongoing risk assessment projects.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed