VP of Cyber Security

Job Description: • Own the 24-month global security roadmap developed with an external partner; drive planning, resource allocation, cross-region rollout, milestone tracking, and KPI delivery. • Deliver and maintain certifications and frameworks: lead efforts to achieve ISO 27001 certification, align to the NIST Cybersecurity Framework, and ensure GDPR compliance (and applicable regional privacy laws). • Lead the cybersecurity transformation: redesign the security operating model, establish regional capability hubs, hire and upskill teams, and integrate security into engineering and product lifecycles (DevSecOps). • Modernize security tooling and architecture: define global architecture for IAM, cloud security, vulnerability management, SIEM/XDR, DLP, and secure SDLC integrations; manage vendor selection and lifecycle. • Establish enterprise governance and risk programs: policy management, risk assessments, third-party risk, incident response, crisis management, business continuity, and regular tabletop exercises. • Client-facing responsibilities (~20%): act as a senior security advisor to key global customers, lead security briefings and audits, support RFPs and security questionnaire responses, and maintain strong client relationships. • Reporting and stakeholder communication: deliver executive and Board-level reporting on security posture, program progress, risk, and ROI. • Manage external partners and audits: coordinate with the third-party consulting firm, external auditors, penetration testing vendors, and technology providers. • People leadership: recruit, mentor, retain, and scale global security talent; define career paths, training programs, and local leadership to sustain capabilities. Requirements: • 10+ years in cybersecurity leadership, including enterprise-scale, multi-region transformation and certification programs. • Proven track record delivering ISO 27001 certification, NIST Cybersecurity Framework implementations, and GDPR compliance. • Cloud security (AWS/Azure/GCP), IAM, secure SDLC/DevSecOps, vulnerability management, logging/SIEM/XDR, data protection. • Demonstrated experience in client-facing roles supporting enterprise customers on security and audit matters. • Excellent presentation skills for C-level and Board audiences across time zones and cultures. • Bachelor’s degree in Computer Science, Information Security, or equivalent; relevant certifications such as CISSP, CISM, or ISO 27001 Lead Benefits: • Black Duck considers all applicants for employment without regard to race, color, religion, sex, gender preference, national origin, age, disability, or status as a Covered Veteran in accordance with federal law. • Black Duck complies with applicable state and local laws prohibiting discrimination in employment in every jurisdiction in which it maintains facilities. • Black Duck also provides reasonable accommodation to individuals with a disability in accordance with applicable laws. Apply tot his job