Vice President of Cloud Operations and InfoSec

Evive people are game-changers.

Evive was founded by two people who wanted to challenge the status quo...and did. More than 11 years later, that spirit still defines our culture. The work we do is redefining how people use their employee benefits, with SaaS-based solutions that help people to improve their lives and Fortune 1000 enterprises to optimize their benefits investments. Are you one of us?

We’re looking for a Vice President of Cloud Operations and InfoSec. 

The Vice President of Cloud Operations and InfoSec is responsible for Evive’s cloud architecture direction, roadmap, platform responsibilities, and security posture. This includes providing operational oversight regarding data integrity and compliance, as well as guidance to employees, users, and service providers on their responsibilities pertaining to information security. 

Responsibilities: 

• Provide leadership, architectural direction, and process improvement to cloud operations teams
• Build and maintain a security and cloud roadmap.
• Direct the development and publishing of up-to-date security policies, standards, and guidelines, and the company-wide training and dissemination of security policies and practices.
• Manage global teams across cloud operations, security, compliance, office IT.
• Provide leadership and guidance to the office IT and Compliance teams, including but not limited to Risk Assessment, Risk Mitigation, Risk Management, Vulnerability Management, local and federal laws and regulations, Evive’s local policies and procedures, et. al.
• Ensure that security programs are in compliance with relevant laws, regulations, and policies to minimize or eliminate risk and audit findings.
• Provide leadership and guidance on the adherence to and implementation of Evive’s IT security policies and controls.
• Sign off on all Data Security Program-related policy and procedure documents.
• Coordinate and manage the IT operational budget.
• Manage risk assessment and risk mitigation with respect to data security, including, but not limited to, the coordination of annual penetration testing, vulnerability assessments, and any remediation plans.
• Provide answers/analyses to address questions and concerns from management.
• All other duties as assigned.

Qualifications:

• BA or BS in computer science, data security, or related discipline.
• 10+ years of IT infrastructure operations experience with success in leading a security discipline, preferably in a growth environment.
• 5+ years of experience with AWS cloud architecture and technologies or comparable cloud experience.
• Deep familiarity with IT operational standards and best practice frameworks such as ITIL.
• Experience in security audits and inspections from Fortune 500 companies.
• Strong knowledge of information security principles, standards, practices, and technologies.
• Proven understanding of information security risk assessment and risk management procedures and methodologies.
• Ability to correlate enterprise risk with appropriate administrative, physical, and technical security controls.
• Proven record of delivering business critical projects within challenging time frames, multiple stakeholders groups and competing priorities.
• Strong ability to write, edit, and maintain policies to be used across the organization that ensure compliance with information security initiatives.
• Experience with contracting, writing, reviewing and executing agreements with clients and service providers to ensure that these agreements are in compliance with federal privacy laws and in compliance with information security policies.
• AWS Solutions Architect certification  preferred.