Skip Navigation

Vice President, Security and Risk

Job Number: R0001709 Posted On: 05/04/2021 Location: St. Petersburg, Florida
Apply Now

Our Team

The Security and Risk Office (the “SRO”) is a global team responsible for developing, implementing, and administering Catalina’s global data risk and security program to protect Catalina’s brand by identifying and reducing information risk across the enterprise to improve levels of privacy, cybersecurity, and resilience. The SRO will identify risks, recommend solutions, and handle breaches and incidents to ensure Catalina has a trusted and private environment that provides Catalina and Catalina clients the freedom to innovate, grow, pursue strategic goals, and to do business anywhere and anytime.

The VP Security and Risk is a role with global responsibilities overseeing Information Security and Risk. The VP will serve as Chief Information Security Officer.

  • This position will report to the Chief Legal Officer/Chief Administration Officer

  • Successful candidate will join a of team of highly qualified individuals who collaborate and support each other.

Responsibilities

Information Security

  • Reviews, assesses, and ensures security is aligned with regional business objectives and requirements

  • Establish and maintain a mechanism to track access to and use of PII, NPPI and other sensitive data as required by law and to allow qualified individuals to review or receive a report on such activity

  • Reviews all system-related information security plans throughout the organization’s network to ensure security alignment and acts as a liaison to the information systems department

  • Establishes and administers a process for receiving, documenting, tracking, investigating, and taking action on all complaints concerning the organization’s security policies and procedures in coordination and collaboration with other similar functions and, when necessary, legal counsel

  • Establishes with management and operations a mechanism to track access to protected personal or health information, within the purview of the organization and as required by law and to allow qualified individuals to review or receive a report on such activity

  • Design, approve, and implement the design of security systems and tools

  • Approve identity and access policies

  • Review investigations after data breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities

  • Maintain a current understanding of the cyber-security threat landscape

  • Ensure compliance with the changing laws and applicable regulations

  • Translate that knowledge to identification of risks and actionable plans to protect the business

  • Schedule periodic security audits and assessments

  • Make sure that cyber security policies and procedures are communicated to all personnel and that compliance is enforced

  • Constantly update the cyber security strategy to leverage new technology and threat information

  • Initiates, facilitates and promotes activities to foster information security awareness within the organization and related entities

  • Maintains current knowledge of applicable federal and state security and breach laws and accreditation standards, and monitors advancements in information security technologies to ensure organizational adaptation and compliance

  • Represent Catalina’s security interests across North America, Central America, Europe, and Asia.

Management/Leadership

  • Liaise with country, federal, and state regulators/supervisor authorities, as needed

  • Liaise with other team members and with the Legal department to maintain subject matter expertise, contribute to team knowledge, and maintain consistency with our business partners

  • Present to executive leadership and/or Board of Directors as require on security risks

  • Lead the incident response team/process; helps troubleshoot and remediate incidents

  • Manage all teams, employees, contractors and vendors involved in security and information risk which include hiring, training, coaching, and career development

  • Brief the executive team on status and risks, including taking the role of champion for the overall strategy and necessary budget for data security and information risk

  • Serves as information security consultant to the organization for all departments

  • Oversee the strategic security planning, budgeting, and career development

  • Works with the Chief Privacy Officer, along with the organization administration, legal counsel, and other related parties to represent the organization’s interests with external parties (state or local government bodies) who undertake to adopt or amend legislation, regulation, or standards

  • Provide strong collaboration working in tandem with cross functional teams to achieve business objectives

Risk

  • Works with the Chief Privacy Officer to ensure alignment between security and privacy compliance programs including policies, practices, investigations, and acts as a liaison to the information systems department

  • Performs initial and periodic information security risk assessments and conducts related ongoing compliance monitoring activities in coordination with the entity’s other compliance and operational assessment functions

  • Communicate best practices and risks to all parts of the business, outside IT

  • Provide guidance, recommendations, and supports the Vendor Assurance process, when needed, for vendor due diligence

  • Review and provide input into compliance courses on the internal Learning Management System tool

Qualifications

  • Bachelor's degree with 10+ years of experience in one or combination of Information Governance, Information Security, and/or Cyber-Security or equivalent combination of education and experience

  • 7+ years of experience leading teams in the Information Security, Risk, or Business Management functions

  • Advanced understanding of Information Security or Risk principles with in-depth knowledge of the appropriate industry best practices

  • Knowledge of and experience with technology issues related to management of enterprise information assets

  • Proper training/education and associated certifications required such as CISSP, CIPM, CIPP, CIPT, CISA, CRISC, etc.

  • Exceptional and personable stakeholder management skills at all levels of the organization; ability to effectively brief BoD on issues related Information Security and Risk

  • Experience working with Business units, Information Technology teams, and stakeholders

  • Experience working with, and influencing, business leaders in promotion of consistent practices and policy

  • Must be able to speak, read, and write English; effective verbal and written communication and skills

  • Ability to successfully drive projects in collaboration with multiple stakeholders

  • Adaptable to change and ambiguity; ability to work independently without direct supervision

  • Ability to attract, retain, engage and develop teams in a fast-paced, transformational environment

  • Ensure there is a focus on accountability and performance, with clear line of sight between organization strategy and individual goals

  • Excellent at collaboration across teams

  • Without fail, embody Catalina values

ADDITIONAL PREFERRED SKILLS

  • Master’s degree

  • Certifications in two or more areas

  • Certified Information System Security Professional (CISSP) preferred

About Catalina

Catalina is a recognized leader in highly targeted, personalized digital media that drives, tracks and measures sales lift for leading CPG retailers and brands. Powered by the most extensive shopper database in the world, Catalina's mobile, online and in-store networks personalize the consumer's path to purchase, delivering $7.9 billion in relevant consumer value each year. Catalina has no higher priority than ensuring the privacy and security of the data entrusted to us and maintaining the consumer trust paramount to the continued success of our business partners and Catalina. Based in St. Petersburg, FL, Catalina has operations in the United States, Europe and Japan. To learn more, please visit www.catalina.com or follow us on Twitter @Catalina.

Diversity, Inclusion + Belongingness

Catalina is committed to investing in, empowering, and retaining a more inclusive community within our company.   We are dedicated to hiring and cultivating diverse teams of the best and brightest from all backgrounds, experiences, and perspectives. We believe that true innovation happens when everyone has a seat at the table and a voice to be heard.  Our goal is to ensure that all our talented professionals are equipped with support, resources, and the opportunity to excel.

The intent of this job description is to describe the major duties and responsibilities performed by incumbents of this job. Incumbents may be required to perform other job-related tasks other than those specifically included in this description.

All duties and responsibilities are essential job functions and requirements and are subjected to possible modification to reasonably accommodate individuals with disabilities.

We are proud to be an EEO employer M/F/D/V. We maintain a drug-free workplace.

#LI-BP1

Apply Now

Saved Jobs

There is no jobs saved yet

Work in St. Petersburg

Check out where you could be working if you apply.

View this location

Recent Jobs

You currently have no Recent Jobs

Job Alerts

Join our talent network and receive company news and job alerts to your inbox.

Interested InSelect a category and/or location from the auto-suggestions and click “add.”

  • Technology, St. Petersburg, Florida, United StatesRemove

By submitting your information, you acknowledge that you have read our privacy policy and consent to receive email communication from Catalina.