Summary:

  • Black Duck seeks an experienced, transformation‑oriented VP of Cybersecurity to lead a global security program and maturity roadmap.
  • This executive will partner with a third‑party security firm to build and implement a two‑year roadmap to meet and exceed NIST, GDPR, and ISO 27001 standards.
  • The role combines enterprise security leadership, hands‑on program delivery, and client engagement.

Key Responsibilities:

  • Deliver and maintain certifications and frameworks: lead efforts to achieve ISO 27001 certification, align to the NIST Cybersecurity Framework, and ensure GDPR compliance.
  • Modernize security tooling and architecture: define global architecture for IAM, cloud security, vulnerability management, SIEM/XDR, DLP, and secure SDLC integrations; manage vendor selection and lifecycle.
  • Manage external partners and audits: coordinate with the third‑party consulting firm, external auditors, penetration testing vendors, and technology providers.

Required Qualifications:

  • Experience: 10+ years in cybersecurity leadership, including enterprise‑scale, multi‑region transformation and certification programs.
  • Certifications and frameworks: Proven track record delivering ISO 27001 certification, NIST Cybersecurity Framework implementations, and GDPR compliance.
  • Technical breadth: Cloud security (AWS/Azure/GCP), IAM, secure SDLC/DevSecOps, vulnerability management, logging/SIEM/XDR, data protection.

Black Duck Software, Inc.

Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. With a combination of industry-leading tools, services, and expertise, Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.
