VP IT Information Security & Audit

Marzetti Company
Columbus, United States of America
1 month ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Columbus, United States of America

Tech stack

Artificial Intelligence
Data analysis
Azure
Cloud Computing Security
Computer Security
Information Technology Audit
IT Management
Intrusion Detection and Prevention
SAP Applications
SAP HANA
Software Vulnerability Management
Data Processing
Data Classification
IT General Controls (ITGC)
Information Technology
Cybercrime
Data Analytics
Operational Systems

Job description

The Vice President Information Security & Audit is a senior IT leadership role responsible for protecting the company's information assets, technology platforms, and digital operations. Reporting to the Chief Information Officer (CIO), this role provides strategic direction, governance, and operational oversight for enterprise cybersecurity, information security, data privacy, and IT audit functions. As a member of the IT Leadership Team, this role partners closely with business and technology leaders to enable growth, innovation, and operational excellence while managing cyber risk in an always-on manufacturing environment. Our company enjoys a modern technology stack, including SAP HANA on Microsoft Azure for ERP and Microsoft-based platforms for data, analytics, collaboration, and security., * Define and execute the enterprise cybersecurity and information security strategy aligned with business objectives and risk tolerance.

  • Protect enterprise systems, networks, applications, cloud platforms, and operational technology (OT) environments from cyber threats.
  • Oversee security architecture and controls for SAP on Azure and Microsoft-based data and analytics platforms.
  • Lead threat detection, incident response, vulnerability management, and security operations, leveraging internal capabilities and third-party partners.
  • Establish and maintain security standards, policies, procedures, and technical controls across the enterprise.
  • Partner with Infrastructure, Applications, Data & Analytics, and OT teams to embed security into system design and operations., * Own the enterprise privacy and data protection program, ensuring compliance with applicable privacy and data protection laws and regulations.
  • Develop and maintain policies and processes for data classification, data handling, retention, and protection.
  • Partner with Legal, HR, and business leaders to manage privacy risk related to customer, consumer, employee, and supplier data.
  • Oversee privacy risk assessments, third-party privacy reviews, and incident response related to data privacy events.

IT Audit, Risk & Compliance

  • Lead the IT controls and audit function, including internal IT audits, controls testing, and coordination with internal and external auditors.
  • Ensure the effectiveness of IT general controls (ITGCs) supporting financial reporting, operational resilience, and regulatory compliance.
  • Own and employ technology risk management practices, including risk assessments, remediation tracking, and executive reporting.
  • Support enterprise risk management (ERM) initiatives by providing cybersecurity and technology risk insights., * Manage a hybrid delivery model with several security and audit functions provided by trusted third-party partners.
  • Set clear goals, performance expectations, and development plans for team members.
  • Manage departmental budgets, vendor relationships, and service-level expectations.

Strategy, Governance & Executive Partnership

  • Serve as a trusted advisor to the CIO and IT leadership team on cybersecurity, privacy, and technology risk matters.
  • Regularly report on cybersecurity posture, risk levels, incidents, and compliance status to executive leadership.
  • Establish and maintain governance forums, metrics, and dashboards to support informed decision-making.
  • Stay current on emerging threats, regulatory changes, and industry best practices relevant to food manufacturing and global supply chains.

Requirements

Do you have experience in Vendor relationship management?, Do you have a Bachelor's degree?, * Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field; or equivalent experience.

  • 15+ years of progressive experience in cybersecurity, information security, IT risk, or audit roles.
  • Proven experience leading enterprise security programs in complex, regulated environments.
  • Strong understanding of cloud security, particularly Microsoft Azure and SAP landscapes.
  • Experience managing third-party security providers, MSSPs, and audit partners.
  • Demonstrated ability to communicate complex technical and risk concepts to executive and business audiences.

Preferred:

  • Advanced degree (MBA, MS in Cybersecurity, or similar).
  • Relevant certifications such as CISSP, CISM, CISA, CRISC, or equivalent.
  • Experience in manufacturing, food & beverage, consumer packaged goods, or industrial environments.
  • Familiarity with OT/ICS security and plant-floor technology risks.
  • Exposure to AI use cases related to IS

Competencies:

  • Strategic Mindset and Decision Quality with a pragmatic, business-oriented approach to risk management.
  • Drives Engagement and Results; Ensures Accountability. Strong people leader with experience building, mentoring, and scaling teams.
  • Collaborative partner who can influence without authority across IT and the business.
  • Manages Ambiguity
  • Instills Trust: Calm and decisive leader during incidents and high-pressure situations.

Benefits & conditions

  • Occasional travel to corporate offices, manufacturing locations, and key vendors as needed.

Apply for this position