VP, Global Information & Data Security
Headquartered in Los Angeles, Internet Brands® is a fully integrated online media and software services organization focused on four high-value vertical categories: Health, Automotive, Legal, and Home/Travel. The company's award-winning brands, including WebMD and Medscape, lead their categories and serve more than 250 million monthly visitors, while a full range of SaaS offerings has established deep, long-term relationships with SMB and enterprise clients. Internet Brands' powerful, proprietary operating platform provides the flexibility and scalability to fuel the company's continued growth. Internet Brands is a portfolio company of KKR and Temasek.
We are currently seeking a VP, Global Information & Data Security to Lead our IT and Data Security initiatives. Working closely with the CTO and other IT and legal leaders, the VP will evolve the security and privacy roadmap and sustain, mentor and develop a high functioning team. This position is located in the El Segundo office.
- Manage and monitor a strategic, comprehensive enterprise information security and IT risk management program
- Analyze IT security threats in real-time and mitigate these threats
- Partner with business units and functional areas to facilitate risk assessment and risk management processes
- Manage, mentor, and develop a team of security professionals
- Provide leadership to the enterprise's information security organization
- Raise awareness of risk management concerns across the company
- Participate in overall business technology planning, providing a current knowledge and future vision of technology and systems
- Ensure that newly-acquired technology complies with IT security best practices and regulations
- Stay current on cybersecurity threat trends and intelligence, and new and evolving security technologies and services available in the market.
- Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of security
- Provide active monitoring and governance to ensure that third-party technology partners adhere and align to relevant security policies, standards and practices
- Educate key stakeholders of new threats, industry trends and applicable laws related to security, and manage security training for the organization
- Degree in computer science, business administration or a technology-related field required.
- Professional security management certification a plus
- Minimum of eight years of combined experience in risk management and information security
- Direct knowledge of industry best practices (NIST, ISO, SANS, COBIT, CERT), Legislative and Regulatory and Industry Compliance Requirements (SOX, PCI, HIPAA, HiTech, HiTrust, EHNAC, etc )
- Technical expertise in data management / privacy, enterprise DevSecOps / architecture, and product DevSecOps / architecture.
- Intelligent and persuasive leader with good interpersonal, verbal and written communication and presentation skills who is able to build trust at all levels in the organization
- Ability to focus on high quality work while under pressure
- Logical, analytic and rational
- Demonstrable innovative thinking and fostering an environment of continuous improvement
We are an equal opportunity employer and does not discriminate on the basis of race, ancestry, color, religion, sex, gender, age, marital status, sexual orientation, gender identity, national origin, medical condition, disability, veterans status, or any other basis protected by law.