VP, Information Security

W2 only, no C2C, must be authorized to work in the US (both now and in the future).VP, Information Security (Direct Hire) - Hybrid in Madison, WI. Apply now for this opportunity at Carex! Carex is partnering with a Financial Services industry partner to identify a VP, Information Security to lead the strategic development and execution of a multi-year information security roadmap aligned to enterprise risk management and business objectives. This role provides executive leadership across security strategy, governance, operations, and regulatory alignment, while building a high-performing security organization and promoting a culture of shared responsibility for protecting data and systems.What You’ll DoLead the development and execution of a multi-year information security strategy aligned with business priorities and regulatory requirementsBuild, mentor, and lead a high-performing information security team while fostering enterprise-wide security accountabilityEstablish and mature security governance, risk management, and control frameworks aligned with recognized industry standardsProvide executive-level reporting on security posture, risk exposure, and remediation progressPartner closely with Legal, Compliance, and Privacy leadership to align security controls with regulatory obligations and financial services requirementsSupport regulatory examinations, audits, and legal reviews related to cybersecurity and data protectionOversee enterprise security operations, including threat detection, vulnerability management, endpoint protection, and incident responseLead breach response coordination and tabletop exercises involving executive and cross-functional stakeholdersEstablish and maintain secure cloud architectures across IaaS, PaaS, and SaaS environmentsStrengthen identity and access management across hybrid and cloud environments using modern security principlesOversee third-party risk management, including vendor security assessments and contractual cybersecurity requirementsWhat You’ll BringExtensive experience developing and executing enterprise-wide information security strategies for mid to large organizationsProven senior leadership experience with accountability for security governance, risk management, and operational executionDeep knowledge of financial services regulations, privacy laws, and security frameworks such as NIST CSF, ISO 27001, CIS Controls, or comparable standardsDemonstrated expertise in threat management, vulnerability management, security operations, and modern ransomware defense strategiesStrong hands-on experience with cloud security architecture across IaaS, PaaS, and SaaS platforms, including identity and access management and zero-trust conceptsExperience leading enterprise incident response efforts in collaboration with executive leadership, Legal, Compliance, and Privacy teamsBackground designing and overseeing third-party risk management programs and vendor security assessmentsBachelor’s degree required; advanced degree in cybersecurity or a related field preferredProfessional security certification such as CISSP strongly preferredCarex Consulting Group is an equal opportunity employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender identity, or Veteran status.