The VP of Cybersecurity is responsible for maintaining a strong cybersecurity posture and accountable for the security of Alteryx’s information systems. This role will be responsible for oversight of application, identity, infrastructure, and network security architecture, engineering, and operations functions. This role must be highly knowledgeable in cyber security threats and protective capability landscape and able to translate this knowledge to develop and maintain applicable policies, standards, audits, tests, and procedures. Assures the protection of corporate information from unauthorized access, disclosure, interruption or alteration in order to maintain the integrity, availability, and reliability of information. Ensures the performance of all duties in accordance with the company’s policies and procedures, all Global, U.S. state and federal laws and regulations, wherein the company operates.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
Develops, implements, and monitors a strategic, comprehensive enterprise information security program to ensure the integrity, confidentiality, and availability of information is owned, controlled, or processed by the organization. Oversees the architecture and engineering of security safeguards, including people, processes, and technologies. Oversees the identity and access management and security operations functions. Develops, maintains, and publishes up-to-date information security policies, standards, and guidelines. Develops and manages information security budgets. Develops and enhances an information security management framework based on, but not limited to: the International Organization for Standardization (ISO) 2700X, ITIL, COBIT/Risk IT and National Institute of Standards and Technology (NIST), Sarbanes-Oxley Act (SOX), Payment Card Industry Data Security Standards (PCI DSS), and Personally Identifiable Information (PII). Ensures security programs are compliant with relevant contracts, laws, regulations, and policies to minimize or eliminate risk and audit findings. Collaborates with internal leaders to develop and implement a comprehensive global cyber security strategy and effective enterprise-wide security programs. Represents the organization in external engagements and industry participation. Performs other duties and projects as assigned.
STANDARD DUTIES AND RESPONSIBILITIES:
- Responsible for recommending final hiring and termination decisions, overall direction, coordination, and evaluation of employees. Responsibilities include interviewing and training employees; planning and directing work; managing performance; addressing complaints and resolving problems.
- Treats people with respect; keeps commitments; inspires the trust of others; works ethically and with integrity; upholds organizational values; accepts responsibility for own actions.
- Demonstrates knowledge of and adherence to EEO policy; shows respect and sensitivity for cultural differences; educates others on the value of diversity; promotes working environment free of harassment of any type; builds a diverse workforce and supports affirmative action.
- Follows policies and procedures; completes tasks correctly and on time; supports the company’s goals and values.
- Performs the position safely, without endangering the health or safety of themselves or others and will be expected to report potentially unsafe conditions. The employee shall comply with occupational safety and health standards and all rules, regulations and orders issued pursuant to the OSHA Act of 1970, which are applicable to one’s own actions and conduct.
ESSENTIAL KNOWLEDGE, SKILLS, AND ABILITIES:
- Demonstrates knowledge of, adherence to, monitoring and responsibility for compliance with state and federal regulations and laws as they pertain to this position.
- Demonstrates understanding of evolving tools and technologies to ensure appropriate levels of security are achieved for the business.
- Demonstrates understanding of the relevance of information security incidents and events to protect customer data, corporate assets, intellectual property, and regulated data.
- Demonstrates knowledge of ethical testing and social engineering vulnerability analysis and process design to harden the enterprise.
- Demonstrations understanding of the review process of third-party vendor platforms for compliance with security controls.
- Demonstrations comprehensive understanding of top-to-bottom product/software and data systems security roadmap, which covers all application/architecture security design as well as tool and services.
- Strong project management, financial/budget management, scheduling and resource management skills.
- Ability to support an environment and projects that may require irregular or long working hours, such as to support the team through maintenance windows for planned upgrades and project milestones and handle escalations of security concerns outside of normal working hours to address urgent situations.
- High level of integrity and willingness to take extreme ownership and deliver on high expectations.
- Intermediate skills in computer terminal and personal computer operation; Microsoft Office applications including but not limited to: Word, Excel, PowerPoint and Outlook.
- Intermediate math skills; calculate interest and percentages; balance accounts; add, subtract, multiply and divide in all units of measure, using whole numbers, common fractions and decimals; locate routine mathematical errors; compute rate, ratio and percent, including the drafting and interpretation of bar graphs.
- Effective organizational and time management skills.
- Exceptional verbal, written and interpersonal communication skills.
- Ability to make decisions that have moderate impact on the immediate work unit and cross functional departments.
- Ability to organize and prioritize work schedules on a short-term and long-term basis.
- Ability to provide consultation and expert advice to management.
- Ability to make informal and formal presentations, inside and outside the organization; speaking before assigned team or other groups as needed.
- Ability to deal with complex difficult problems involving multiple facets and variables in non-standardized situations.
- Ability to work with little to no supervision while performing duties.
EDUCATION, EXPERIENCE AND/OR LICENSES:
- Bachelor’s Degree in Information Technology, Mathematics, Business, Engineering, or related filed preferred and a minimum of fifteen (15) + years’ progressive technical and information security leadership experience.
- Experience working in a software development company preferred.
- Minimum eight (8) + years of management experience leading and motivating cross-functional, interdisciplinary teams to achieve tactical and strategic goals required.
- Experience with information system technology including testing, auditing, risk analysis, and contingency planning required.
- Comprehensive understanding of Security Methodologies required.
- Possible certification requirements include: Certified Information Systems Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA).