brand logo
View all jobs

VP, Chief Information Security Officer

Infrastructure Technology
Job Description
Role: VP, Chief Information Security Officer

About Odessa:
Odessa is a U.S. company with offices in Philadelphia, USA and Bangalore, India. Our leasing solutions power a client base comprised of leading global financial institutions that operate across market segments. We transform bold ideas into breakthrough outcomes for clients that drive the economy through equipment and fleet leasing: IT, healthcare, transportation and more.

We believe that great outcomes and customer satisfaction are everything. It’s what drives us to turn bold ideas into transformational solutions for lease and loan management. By combining digital technologies with what works across a diverse customer base, we use an agile approach to co-innovate with clients to help them solve their toughest problems.

As the largest technology provider in the leasing industry, Odessa provides a feature-rich ERP solution with broad integrations across top CRM, G/L, tax, credit, and leading enablement applications. As a complete Platform, Odessa delivers a total solution for commercial lending companies, driving the future of asset finance. With best-in-class functionality, extensible architecture and a suite of value-added features and services, Odessa helps companies transform their business operations.

Primary role:
Scope of Opportunity As the CISO, you will be a member of the Leadership Team, Odessa’s Operations Committee, Odessa’s Risk Committee  and be the chair of the Technology and Information Risk working group. You will represent security and technology risk  management at the executive level, including regular communication with the Board of Directors and senior executives. The CISO candidate will be the lead advocate to guide Odessa’s overall security posture.

What you'll do:

Leadership and Governance
 • Develop and implement a strategic long-term information security strategy and roadmap to not only ensure the  Company’s and its customers’ information assets are appropriately protected, but also is in compliance with all  jurisdictional privacy and regulatory policies.  
• Provide leadership, guidance, direction, and independent assessments on our information security program  across the organization (executive leaders, architects, engineering, infrastructure, information security, building  security, professional services, product, etc.)
Security Operations 
• Work with Architecture, Engineering, and Operations teams to identify and continuously maintain a  comprehensive suite of security tools and monitoring technologies that integrate effectively, keep pace with  evolving threats, and keep the company secure across all data centers and network operations 
• Establish central security operations practice (operations and tools) that can continuously monitor, hunt, detect,  and respond to threats from internet and internal network traffic, servers, endpoint devices, desktops, etc. 
• Management of an external managed detection and response security service provider / security operations  center (MDR/SOC) including monitoring performance, continuous process improvement and MDR role  expansion - as a direct extension of your internal team
Security Engineering
 • Defines and maintains working knowledge of security standards, frameworks, certification requirements, and  accreditation standards. • Ensure our commercial software development lifecycle is secure end-to-end: environments; code testing,  deployment, and repositories, etc.  
• Provide security architecture reviews, recommendations, and engineering for new and emerging technology  solutions. Continuously tests the efficacy of our commercial software solutions and works with the engineering  teams to remediate and prevent future vulnerabilities

Skills and Requirements

 • 12+ years of security leadership experience. Experience supporting a growing security engineering practice with  experience migrating to a cloud-first environment.
 • Experience with Business Continuity planning and Disaster Recovery.
• Experience setting up and managing an outsourced MDR/SOC. 
• Experience with corporate change management, including technology, culture, and communications.
• Proven credibility in influencing and working effectively with peers across departmental boundaries. 
• Excellent leadership, people management and organizational development skills, with a demonstrated ability to  motivate others in a team-oriented and collaborative environment. 
• Excellent verbal and written communications and interpersonal skills, with the ability to build successful  relationships with all levels. Comfortable working with sponsors and board advisors. 
• Proven high level of integrity, trustworthiness and confidence, as well as ability to represent the company and  security leadership with the highest level of professionalism. Familiarity and experience applying various  industry control and risk frameworks including: CIS, NIST CSF, ISO 27001 etc.  
• Bachelor’s Degree in Computer Science or related field. Master’s Degree is desirable.

Our commitment to you:
•Your entrepreneurial spirit and vision will fuel opportunities for career advancement
•You'll make a difference for some pretty impressive brands; Odessa serves many of the world's leading financial institutions and manufacturers
•Opportunities for regular learning through training, assignments and collaboration with experts across the company
•Exposure to a leading FinTech solution and the latest applications of technology in the world of financial services
•You'll gain access to a dynamic industry, worth more than $1.2 Trillion in the United States alone; check out resources on the North American and global markets