Position Summary
The Director of Information Security is a critical member of Vista Technology team, responsible for leadership across Security Operations, Security Engineering and Security Architecture. The Director of Information Security must be able to translate the IT-risk requirements and constraints of the business into technical control requirements and specifications, as well as develop metrics for ongoing performance measurement and reporting. The Director of Information Security coordinates the IT organization's technical activities to implement and manage security infrastructure, and to provide regular status and service-level reports.
The Director of Information Security is a leadership role that requires an individual with a strong technical background, as well as an ability to work with the technology organization and business management to align priorities and plans with key business objectives. The Director of Information Security will also be responsible for working with business and IT stakeholders to balance real-world risks with business drivers such as speed, agility, flexibility, and performance.
This individual will have a diversified background of IT & functional experience, demonstrated project management acumen and excellent vendor management skills, be a strong people leader, in addition to a holistic, service-oriented approach to information security management. In strong partnership with the Vista Technology Leadership Team, this role contributes to the development and execution of the overall technology strategy and ensures its alignment with Vista Equity’s business strategy.
This role will report directly into the Chief Information Security Officer (CISO).
This role can be located in Austin, TX or New York, NY.
Responsibilities
- Responsible for providing information assurance for digital information, ensuring its confidentiality, integrity, and availability.
- Oversight of and hands-on involvement in various security operations domains including but not limited to: Asset Inventory, Threat Intelligence, Identity and Access Management, Threat and Vulnerability Management, Security Awareness, Data Loss Prevention, Security Monitoring and Incident Response.
- Responsible for countermeasure planning, architecture, deployment, and enhancements in accordance with the requirements of the risk analysis of individual systems/applications/processes, and data classification
- Work closely with Technology Infrastructure, Data Engineering, Application Development and other non-Technology lines of business to assist with security considerations during decision-making.
- Responsible for devising security architecture requirements, threat modeling, and performing security architecture reviews.
- Support information system life cycle activities and ensure system security measures comply with applicable policies.
- Research and analyze security event data and perform complex incident investigations to identify potential security incidents and next steps
- Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
- Conduct reviews and tech inspections to identify and mitigate potential security weaknesses, and ensure all security features applied to a system are implemented and functional
- Develop and keep up to date security KPIs and dashboards to measure the effectiveness of security programs, processes, controls and countermeasures.
- Maintain knowledge of current security trends and be able to clearly communicate them to the team and to other employees to encourage secure culture across the firm.
- Monitor public security advisories and alerts for information related to the corporate technology environment
Qualifications
- Bachelor's or master's degree in computer science, information systems, business administration or related field, or equivalent work experience.
- 5+ years of progressive experience as an Cybersecurity professional working within an enterprise environment (Prefer Azure Experience)
- 5+ years of hands-on experience implementing, administrating and operating information security technologies such as firewalls, IDS/IPS, SIEM, Antivirus
- 2+ years of experience managing a team
- Proficiency with scripting (PowerShell, python, etc.), automation, and APIs
- Ability to read and understand code
- Advanced knowledge of regulatory compliance including, but not limited to OWASP, ISO, PCI-DSS, and NIST
- Hands-on experience implementing, administrating and operating technologies such as network traffic analyzers and malware analysis
- Advanced knowledge of the TCP & UDP IP protocol suite and related security architectures
- Ability to show discretion and poise in all situations
- Ability to treat sensitive/confidential information appropriately
- Strong sense of urgency, adaptability, flexibility, and resourcefulness
- The ability to function professionally under pressure, while managing multiple concurrent projects and deadlines
- Must possess personal tact, discretion, and good judgment. Excellent interpersonal, written, and verbal communication skills
- Afterhours availability and travel are required on occasion
- CISSP, GSEC, CEH, Security+ or similar information security certification
- Experience practicing Cybersecurity in the Financial Industry
The annualized base pay range for this role is expected to be between $220-250K. Actual base pay could vary based on factors including but not limited to experience, subject matter expertise, geographic location where work will be performed and the applicant's skill set. The base pay is just one component of the total compensation package for employees. Other rewards may include an annual cash bonus and a comprehensive benefits package.
Company Overview
Vista is a leading global investment firm that exclusively invests in enterprise software, data and technology-enabled organizations across private equity, permanent capital, credit and public equity strategies, bringing an approach that prioritizes creating enduring market value for the benefit of its global ecosystem of investors, companies, customers and employees. Vista’s investments are anchored by a sizable long-term capital base, experience in structuring technology-oriented transactions and proven, flexible management techniques that drive sustainable growth. Vista believes the transformative power of technology is the key to an even better future – a healthier planet, a smarter economy, a diverse and inclusive community and a broader path to prosperity. Further information is available at vistaequitypartners.com. Follow Vista on LinkedIn, @Vista Equity Partners, and on X, @Vista_Equity.
