Vice President of Information Security

Carlsbad, CA, United States

Applications have closed

Vuori, Inc

Vuori provides a new perspective for athletic and performance clothing. Shop our men's and women's apparel that is Built to move in. Styled for life.™


Company Description

Vuori is re-defining what athletic apparel looks like: built to move and sweat in but designed with a casual aesthetic to transition into everyday life. We draw inspiration from an active coastal California lifestyle; an integration of fitness, creative expression and life. Our high-energy, fast-paced retail environment is reflected in the clothes we make. We aim to inspire others to take on all aspects of their lives with clarity, enthusiasm and purpose… while having a lot of fun along the way. We are proud to be an outlet for opportunity and for personal growth and success.

Job Description

We are seeking an exceptional and inspirational, yet approachable Head of Information Security to join Vuori and build and lead our Information Security team. You will be a strong leader with a proven track record in building and leading a world-class information security department. It is critical that you build strong partnerships with key business stakeholders, acting as a strategic thought leader, providing guidance, strategy, leadership, and direction on information security related topics. You will be a hands-on leader with a history of working with a highly technical, global, rapidly growing organization, with a clear understanding of the importance of scaling an information security organization.

You will lead and be accountable for developing, delivering and managing Vuori’s comprehensive Information Security, related Compliance, and technology Business Continuity strategies and capabilities. You will ensure that all aspects of the organization's information are secure, that assets are protected, and that Vuori is in compliance with appropriate government and regulatory requirements. You will develop and implement the strategic information security roadmap in alignment with Vuori’s strategic, business and financial goals, and in alignment with the Chief Information Officer. You will understand and have experience with organizational change management and digital modernization in a rapidly growing company, prioritizing the information security strategy and goals to ensure Vuori is secure at all times.

Responsibilities include but are not limited to:

  • Build, develop and lead a strong information security team through guidance, coaching and leadership 
  • Developing and implementing a comprehensive information strategy and security roadmap that aligns with business goals and objectives, and aligned with the information technology roadmap and capabilities 
  • Partner with the Chief Information Officer and the Technology department 
  • Partner and collaborate with key business stakeholders to provide guidance and direction on relevant security topics 
  • Communicate security risks to ensure they are prioritized in the decision-making process 
  • Define and enforce security standards and guidelines through partnerships with key business and technology stakeholders 
  • Stay up-to-date on emerging threats and trends in information security, and proactively identify and communicate new risks and vulnerabilities, while seeking appropriate responses to these threats 
  • Partnering with the General Counsel & Corporate Secretary and Assistant General Counsel – Privacy & Digital on Vuori’s Privacy & Security infrastructure  
  • Develop and implement Vuori’s Security Incident Response Plan (SIRP) to ensure Vuori is prepared to respond and recover from security incidents 
  • Developing and leading Business Continuity/Disaster Recovery Programs in partnership with the Chief Information Officer, the Technology team, and other key stakeholders  
  • Continually assess Vuori’s security posture, identify areas for improvement and implement changes as necessary 
  • Lead the vendor management program (cyber) in partnership with Associate General Counsel – Privacy & Digital  
  • Leading PCI/ISO/CIS/SOX/Privacy Laws Compliance in collaboration with Technology as required 
  • Develop and maintain an InfoSec Training & Awareness Program in partnership with Associate General Counsel – Privacy & Digital  
  • Providing leadership and partnership in connection with developing and implementing Enterprise Risk Management (ERM)   
  • Providing leadership and partnership in connection with developing and implementing Ethics, Compliance, Risk Management Committee   
  • Generating new, while updating existing, security policies and procedures, including assessing gaps regarding implementation of any new policy/procedure requirements
  • Reviewing Payment Card Industry (PCI) Compliance status, measures, assessor responsibilities, and third-party payment providers’ compliance; reviewing ecommerce current and future designs, as applicable  
  • Ensure that the company complies with relevant laws, regulations, and standards (e.g., CPRA, GDPR, HIPAA, PCI DSS) as Vuori expands domestically and internationally 
  • Assisting with Identity and Access Management (IAM) design and RBAC design, including segregation of duties analysis for current roles and responsibilities
  • In partnership with the Director of Intellectual Property & Brand Enforcement, develop and implement a comprehensive domain strategy that aligns with the organization's overall business objectives, including implementing domain name policies and procedures to ensure consistency and compliance across the organization 

Qualifications

  • Bachelor’s Degree or equivalent experience 
  • 7+ years Information Security leadership experience in a global environment. 
  • 10 to 15+ years of progressive leadership experience in the software/technology industry  
  • Prior experience in development and oversight of Information Security policies, standards, procedures, and governance framework along with government and regulatory requirements. 
  • Experience in managing outsourcing partnerships and operations. 
  • Experience with public company (SOC2, GDPR, ISO27001, SEC/SOX 404) controls, requirements and financially significant systems and data. 
  • Deep understanding of enterprise technology, processes, reporting and Information Security operations. 
  • Staying updated on Information Security trends and emerging technologies. 
  • Exceptional business instincts and experience – understanding of Vuori customers, marketplace, industry and business – and use it to inform significant decisions. 
  • Ability to work collaboratively with other departments to achieve common goals 
  • Outstanding communication and presentation skills with the ability to explain complex security topics to both technical and non-technical audiences. 
  • Exceptional time and team management skills with the ability to delegate efficiently. 
  • Excellent organizational and prioritization skills, with a strong attention to detail. 
  • Strong analytical and problem-solving skills. 
  • Demonstrated ability to handle multiple projects at the same time effectively and efficiently, remain flexible, manage expectations, anticipate needs and respond to changing demands in a dynamic, fast-paced environment, thinking strategically and acting tactically in prioritizing, re-prioritizing and following through 
  • Demonstrated ability to develop and maintain effective, professional and collaborative relationships amongst diverse internal and external stakeholders at all levels 
  • Excellent organizational, interpersonal and listening skills, problem-solving abilities and judgement, including determining when issues should be escalated 
  • Should be able to demonstrate the existence of emotional intelligence in challenging situations 
  • Comfortable facing ambiguity and taking initiative to identify solutions 
  • Team player with a positive attitude, self-confidence and enthusiasm 
  • Detail, goal/results and solutions-oriented 
  • Independent, self-motivated, professional and proactive with a strong work ethic and sense of pride and accountability in work 
  • Intellectual curiosity, engagement and desire and ability to learn and develop new skills 
  • Act, at all times, with the highest level of character and personal integrity, including demonstrating decorum and professionalism with respect to confidential and sensitive matters, information and access 
  • Experience working in a rapidly growing startup environment. 

Additional Information

Pay Range: $200,000 - $230,000

Benefits:

  • Health Insurance
  • Paid Time Off
  • Employee Discount
  • 401(k)

All your information will be kept confidential according to EEO guidelines.

Tags: Compliance E-commerce Ecommerce GDPR Governance HIPAA IAM Incident response ISO 27001 PCI DSS Privacy Risk management Security strategy SOC 2 SOX Strategy Vendor management Vulnerabilities

Perks/benefits: Career development Fitness / gym Flex hours Flex vacation Health care Startup environment

Region: North America
Country: United States
Category: Leadership Jobs
