VP, Product Security

At Early Warning, we've powered and protected the U.S. financial system for over thirty years with cutting-edge solutions like Zelle, Paze℠, and so much more. As a trusted name in payments, we partner with thousands of institutions to increase access to financial services and protect transactions for hundreds of millions of consumers and small businesses.

Positions located in Scottsdale, San Francisco, Chicago, or New York follow a hybrid work model to allow for a more collaborative working environment.

Candidates responding to this posting must independently possess the eligibility to work in the United States, for any employer, at the date of hire. This position is ineligible for employment Visa sponsorship.

Overall Purpose

This position provides security and thought leadership for the Early Warning Product Security program including: developing, implementing, and maturing of security on all Early Warning product offerings in order to minimize the possibility of malicious access, attacks, and data breaches. The position employs a high level of technical knowledge in the area of cloud security, Dev Sec Ops , and CI/CD pipelines in order to create secure and scalable financial products.

The position reports to the Chief Information Security Officer (CISO), but recognizing the network-wide nature of the responsibility, will frequently be involved with product management, product development, product engineering, cloud engineering, 3rd party audits, regulator interaction and customer facing security issues.

Essential Functions

* Leads a high performing team:
Provides exceptional leadership in developing highly engaged, high performance team.

* Creates frictionless paths for engineering teams to securely build and deploy new products.

* Manages the development, deployment and execution of controls and defenses to ensure the security and risk mitigation developed products and digital payment systems.

* Identifies and designs cybersecurity architecture, goals, objectives and performance metrics, including KRI's and KPI's; analyzes business needs and priorities for protection of critical systems.

* Establishes and implements appropriate product security standards for the secure development, operations, and compliance.

* Leverages in depth knowledge of threat modeling, secure software development lifecycle, cloud security, cryptography, authentication, and authorization design patterns.

* Lead cross functional teams to architect, design, and deploy secure cloud services and application architecture.

* Leads purple team certifications for all products to ensure that products are designed with logging and monitoring capabilities adequate for detecting and responding to all potential cybersecurity events. Provides subject matter expertise and support for vulnerability audits and product incident response. Oversees the quality of code analysis, reporting and resolution. Identifies issue trends and drives root cause resolutions.

* Evaluates potential business impacts from security breaches and provides strategic and tactical guidance to business decision-makers. Develops and executes security systems compliance policies and procedures.

* Prevents production vulnerabilities and ensures quick resolution of security testing findings, such as bug bounty, penetration testing, or audit findings.

* Interacts with customers, regulators and auditors on a regular basis.

* Support the company's commitment to risk management and protecting the integrity and confidentiality of systems and data.

Minimum Qualifications

* Education and experience typically obtained through completion of a Bachelor's degree in Computer Science, Engineering, Math or Physical Science

* 13 or more years of relevant work experience and leadership experience in applicable information security roles.

* Experience with various types of information security tools and controls.

* Clear and concise understanding of current security vulnerabilities and attacks.

* Experience evaluating and assigning risk levels to uncovered issues

* Experience with the OWASP Top 10 and other Application Security issues

* Extensive experience with network security design and protection,…