Information Security Officer, Assistant Vice President
Kilkenny, Minnesota, United States of America
Full Time
14 hours ago
Visa Sponsor
Key skills
CloudCommunicationNetwork SecurityZero Trust
About this role
Role Overview
- Provide cyber risk advisory support across enterprise infrastructure domains, including compute, storage, identity, cloud platforms, and network/connectivity technologies
- Engage early with engineering and platform teams to assess designs, material changes, and new initiatives before implementation
- Translate infrastructure and network security risk into clear, practical guidance aligned to enterprise risk appetite and regulatory expectations
- Independently assess risk scenarios and make well-reasoned recommendations, escalating when material risk or uncertainty warrants it
- Partner with infrastructure, network, and cloud engineering teams to embed security-by-design and resilience principles into architectures and delivery models
- Review architecture diagrams, design documents, and control implementations for security and operational risk
- Contribute to security considerations around network segmentation, trust boundaries, ingress/egress controls, connectivity patterns, and monitoring approaches
- Help align infrastructure and network security patterns to enterprise standards, zero trust principles, and regulatory obligations
- Support infrastructure and network security risk assessments, control gap identification, and remediation prioritization
- Track remediation actions, helping ensure risks are clearly understood, documented, and addressed in a pragmatic manner
- Assist with exception handling, risk acceptance documentation, and articulation of residual risk posture
- Contribute to internal audit, regulatory reviews, and governance forums by explaining infrastructure and network risk in business-relevant terms
- Provide advisory support during infrastructure or network-related cyber incidents, including impact assessment and control improvement identification
- Partner with SOC, threat, vulnerability, and engineering teams to interpret findings and understand emerging infrastructure-related risks
- Participate in lessons-learned activities to help improve preventative controls upstream
Requirements
- experience in information security, infrastructure security, or technology risk within a large, complex organization
- solid foundational understanding of enterprise infrastructure and associated security risks across on-prem, cloud, and hybrid environments
- demonstrated curiosity and desire to learn, including the ability to ramp quickly on unfamiliar technologies or patterns
- proven ability to work independently, manage ambiguity, and make reasoned decisions with incomplete information
- strong written and verbal communication skills; able to influence without direct authority
- familiarity with industry or regulatory frameworks (e.g., NIST, ISO, DORA, FFIEC) is beneficial but not mandatory
Tech Stack
- Cloud
Benefits
- flexible work-life support
- paid volunteer days
- inclusive development opportunities