VP, Security

Job in Orlando, Orange County, Florida, 32885, USA
Listing for: Stax Payments
Full Time position
Listed on 2025-12-23
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager, Information Security, Data Security
Salary/Wage Range or Industry Benchmark: 125000 - 150000 USD Yearly

Description

The VP, Security is a key executive leader responsible for advancing Stax's enterprise security posture across cloud infrastructure, applications, identity and access management, and compliance frameworks. This role oversees all security operations, vulnerability management, audit programs (PCI DSS, SOC 1, SOC 2), and the strategic integration of security tools and controls. The VP, Security directs cross-functional teams, establishes security governance, and ensures alignment between Technology, Engineering, IT, Product, and Compliance on security strategy and execution. This position requires executive presence, hands‑on cloud security expertise, and demonstrated ability to manage complex security transformations and third‑party vendor relationships.

Responsibilities

Compliance, Audit & GRC Leadership
  • Own and oversee Stax's PCI DSS and SOC 2 audit programs, ensuring successful annual execution, evidence collection, and remediation planning in partnership with external auditors
  • Lead implementation and oversight of the SOC 1 audit program (Budget allocated for 2026) and coordinate requirements across all relevant business units
  • Establish and maintain comprehensive security governance frameworks aligned with PCI DSS, SOC 1, and SOC 2 requirements
  • Drive continuous improvement in audit readiness, control testing, and documentation to reduce remediation cycles
  • Serve as executive liaison to external auditors, ASVs, and compliance partners
Cloud Security Architecture & AWS Governance
  • Drive automation of security controls through Infrastructure-as-Code and AWS native capabilities
  • Align AWS security posture with PCI encryption and network segmentation requirements
  • Partner with Engineering and Cloud Architecture teams to embed security controls into CI/CD pipelines and deployment workflows
Security Operations & Threat Detection
  • Direct Security Operations Center (SOC) activities and incident response programs, including Splunk for SIEM, log analytics, and security event management; CrowdStrike for endpoint detection and response (EDR) and threat hunting; ReliaQuest for managed security services and SOC expansion; and Cloudflare for DDoS mitigation, WAF, and perimeter security
  • Ensure continuous improvement in detection capabilities, response playbooks, and mean‑time‑to‑respond metrics
  • Oversee Security Operations team (Jose Alvarado lead) and secure additional resources as needed for scaling operations
  • Maintain operational readiness and cross‑training across Splunk, CrowdStrike, ReliaQuest, and Cloudflare platforms
Vulnerability Management & Remediation
  • Oversee comprehensive vulnerability management program using Tenable for external vulnerability scans (ASV), Qualys for internal scanning, AWS Inspector, Snyk for SCA, SonarQube for SAST, and Aikido for runtime security integration
  • Monitor and report on vulnerability metrics, including remediation coverage across Stax Bill, BlockChyp, and other key platforms
  • Implement blocking policies for critical vulnerabilities in deployment pipelines (in coordination with Aikido rollout)
  • Ensure remediation accountability across CMD teams and engineering organizations
Identity, Access & Authentication
  • Own Okta security posture and oversee all Okta upgrade initiatives, including Okta FastPass passwordless rollout, governance, access control policy enforcement, and coordination of PCI requirements with IT and Compliance teams
  • Establish and enforce least‑privilege access principles across all systems and cloud environments
  • Partner with IT to maintain Okta security hardening and MFA enforcement
Application & Code Security
  • Oversee GitHub Enterprise security transition to CMD team, ensuring repository security controls and access governance remain aligned with compliance, executive sponsorship for budget, training, and organizational adoption
  • Drive integration of security scanning tools into CI/CD pipelines: Snyk, SonarQube, Human Security for secrets detection, Aikido for runtime protection and deployment gating
  • Ensure all security scanning policies and deployment gates are enforced and monitored
Endpoint, Mobile & Data…