ZipRecruiter

Log In

1

Vice President High Risk Security Jobs (NOW HIRING)

Mastercard, Inc.

Vice President, Accounting

Purchase, NY · On-site

Corporate Security Responsibility All activities involving access to Mastercard assets, information ... risk to the organization and, therefore, it is expected that every person working for, or on behalf ...

MasterCard

Vice President, Accounting

Purchase, NY · On-site +1

Executes the double materiality risk assessment, ensuring ESRS compliance with clear linkage to ... High integrity and discretion in handling confidential information and sensitive disclosures.

Centra

VP Risk & Compliance Solutions

Columbus, IN · On-site

$117K - $157K/yr

... a high level of Team Member engagement in the achievement of results, and the opportunity for ... Security Program, and Corporate Insurance coverage. * Serves as management liaison for ERC and ...

Phaxis

Risk Management Vice President

Jersey City, NJ · On-site

Manage all margin requirements on client accounts on a security basis, portfolio level and on the ... High Competency in Equities, Complex Options, Fixed Income, Reg T. Calculation and Portfolio Margin.

Centra

VP Risk & Compliance Solutions

Columbus, IN · On-site

$117K - $157K/yr

... a high level of Team Member engagement in the achievement of results, and the opportunity for ... Security Program, and Corporate Insurance coverage. * Serves as management liaison for ERC and ...

next page

Showing results 1-20

All JobsVice President High Risk Security Jobs

Vice President High Risk Security information

See salary details

$43.5K

$157.5K

$277.5K

How much do vice president high risk security jobs pay per year?

As of Jun 20, 2026, the average yearly pay for vice president high risk security in the United States is $157,532.00, according to ZipRecruiter salary data. Most workers in this role earn between $115,000.00 and $190,000.00 per year, depending on experience, location, and employer.
What cities are hiring for Vice President High Risk Security jobs? Cities with the most Vice President High Risk Security job openings:
What are the most commonly searched types of High Risk Security jobs? The most popular types of High Risk Security jobs are:
What states have the most Vice President High Risk Security jobs? States with the most job openings for Vice President High Risk Security jobs include:
Vice President High Risk Security jobs near you

VP, Risk and Data Security, Protection, and Resilience

The Estée Lauder Companies, Inc.

New York, NY • On-site

Full-time

Posted 14 days ago

Job description

The Estée Lauder Companies Inc. is one of the world's leading manufacturers, marketers, and sellers of quality skin care, makeup, fragrance, and hair care products, and is a steward of luxury and prestige brands globally. The company's products are sold in approximately 150 countries and territories under brand names including: Estée Lauder, Aramis, Clinique, Lab Series, Origins, M• A• C, La Mer, Bobbi Brown Cosmetics, Aveda, Jo Malone London, Bumble and bumble, Darphin Paris, TOM FORD, Smashbox, AERIN Beauty, Le Labo, Editions de Parfums Frédéric Malle, GLAMGLOW, KILIAN PARIS, Too Faced, Dr.Jart+, the DECIEM family of brands, including The Ordinary and NIOD, and BALMAIN Beauty.
Description
Who We Are
Do you want to be part of the team catalyzing digital innovation, harnessing the power of data, and transforming the fabric of security across the world's most prestigious beauty, skincare, and luxury fragrance brands? Then join our Risk Management and Data Security team in Enterprise Cybersecurity & Risk (ECR) at Estée Lauder Companies (ELC). Our Risk Management and Data Protection team is responsible for identifying, assessing, and mitigating potential risks to the enterprise and our data. This small but important group actively governs these critical pillars of work, shapes our risk management strategies, finds mitigation strategies. They will lead three teams- (1) Strategic Risk Management and Reduction, (2) Supplier Security and Third Party Risk Management, and (3) Data Security including Data Protection and Classification, Data Resilience and Disaster Recovery, and Data Loss Prevention. Their teams will collaborate across security, technology and business functions and will help to directly fortify the organization against evolving risks.
What You'll Do
As the Vice President, Risk Management and Data Security, you will lead the company's approach to cybersecurity and technology risk management and securing our data in its various forms, in collaboration with data and analytics and data privacy.
In this exciting new role, you will:
  • Lead and develop teams across technology risk, data protection, and security.
  • Establish governance forums for risk, security, and data protection decisions.
  • Partner with IT, Engineering, Legal, Compliance, and Product teams.
  • Translate technical and cyber risk into clear executive-level reporting.
  • Drive accountability without creating friction or unnecessary bureaucracy.
  • Drive consistent governance cadence with clear decision outcomes.
  • Have strong collaboration with technology and business leaders.
  • Maintain executive trust in risk and security reporting.

Risk Management and Reduction:
This strategic function will not only oversee the traditional risk management and risk register functions, but design and oversee the modernization of a risk management function meant to resolve and remediate risk, not just track it. This is an expansion of the "second line of defense" ensuring risk is addressed in meaningful and prioritized ways.
You will help enable innovation, finding the path forward for our technology innovation and help the organization stay at the cutting edge while keeping security risk to a minimum through technical and resolution-focused risk management.
Our risk management function relies more on technical solutions and risk mitigation than most programs, to modernize risk management and create more impact by the function.
You will seek to minimize overall security risk by identifying risks, monitoring requests through approval workflows, providing risk scoring, and presenting data to give a holistic view of the risk associated with risks identified at the company. Then be responsible for lead the effort to find and execute the solution until remediated.
You must have strong technical and business acumen, understanding the details behind and making decisions or influencing based on risk. You must also lead the team in balancing the tradeoffs of having ultimate security and running the business. You must be able to navigate countering perspectives, setting priorities independently, and leading effectively to manage the expectations of our stakeholders and technical and business leadership.
Data Protection and Security:
  • Define and own the enterprise data protection vision, roadmap, and operating model
  • Serve as the executive authority on data risk, data security, and data lifecycle management
  • Translate regulatory, legal, and business requirements into actionable data protection policies
  • Build and lead a high-performing global data protection organization
  • Define KPIs and dashboards for:
  • Data risk posture
  • Coverage of discovery and classification
  • DLP effectiveness
  • Remediation progress
  • Regularly brief executive leadership and the board on data protection risks and progress

Data Governance and Policy:
  • Establish and oversee enterprise data governance frameworks, including:
    • Data ownership and stewardship

    • Data lifecycle management

    • Data quality, retention, and disposition
  • Partner with business and technology leaders to embed governance into day-to-day operations
  • Ensure governance scales across cloud, hybrid, and multi-cloud environments

Data Classification and Discovery:
  • Own the enterprise data classification strategy, including:
    • Sensitive data identification (PII, PHI, PCI, IP, regulated data)
    • Labeling and tagging standards
  • Implement and mature automated data discovery tools across:
    • Endpoints
    • SaaS applications
    • Cloud storage
    • Data lakes and warehouse
  • Drive continuous discovery and remediation of exposed, misused, or over-retained data

Data Security and Data Loss Prevention:
  • Design and oversee data security controls across:
    • Data at rest, in transit, and in use
    • Structured and unstructured data
  • Lead enterprise DLP strategy and execution, including:
    • Endpoint, network, cloud, and SaaS DLP
    • Insider risk management
    • Exfiltration prevention
  • Partner with SOC and Security Operations on detection, response, and incident handling involving data exposure

Cloud and Data Lakes:
  • Define standards for secure data management in cloud platforms (AWS, Azure, GCP)
  • Ensure protection of data within:
    • Cloud storage (S3, Blob, GCS)
    • Container security
    • Data lakes
    • Analytics platforms and AI/ML pipelines
  • Implement controls for:
    • Encryption and key management
    • Access governance
    • Data segmentation and isolation
    • Cross-border data transfers
  • Address emerging risks related to AI training data and model output

Responsibilities
  • Leading the ECR team and its technology stakeholders to reduce the risk of technology to the company by identifying and evaluating technology and cyber risks as they are identified. Risks related to but not limited to:
    • Architecture, infrastructure, cloud, and applications
    • Identity and access management
    • Software development and DevSecOps
    • Vulnerability management, technical debt, and configuration drift
    • Third-party and supply chain technology risk
    • Data Lakes and the cloud
  • Overseeing risk assessments and data security and protection for:
    • New and emerging technologies and platforms
    • Cloud migrations and architecture changes
    • High-risk vendors and service providers
  • Defining risk appetite and tolerance in partnership with leadership, ongoing measurement and reporting on risk against thresholds
  • Maintain a technology and cyber risk register with clear ownership and mitigation plans.
  • Overseeing and redefining the risk identification and risk management processes
  • Responsible for reviewing risks through triage and evaluative score risk level and severity with a focus on defining a potential path for remediation
  • Collaborating to define appropriate solutions to mitigate or remediate the risk by partnering with key stakeholders in ECR, IT, and the business, which will require consensus building and managing disagreements

Responsibilities Contd
  • Enabling balanced risk decisions by providing recommendations to leadership, escalating based on severity and risk level to ensure appropriate cyber protection capabilities and resiliency are built into the plans.
  • Translating technical risk into business impact and likelihood.
  • Providing regular risk reporting to executive leadership.
  • Defining and execute the data protection strategy focused on risk reduction.
  • Establishing and enforcing:
    • Data classification and labeling
    • Data handling and retention standards
    • Access controls and least-privilege principles
    • In all areas of the business and in all technology platforms
  • Partnering with Privacy, Legal, and Compliance to ensure regulatory data protection requirements are met (e.g., GDPR, CCPA/CPRA, HIPAA, PCI DSS).
  • Overseeing and ensuring the design and implementation of:
    • Encryption at rest and in transit
    • Data Loss Prevention (DLP) capabilities
    • Monitoring of data access and movement throughout the enterprise
  • Partnering with Architecture and technology teams to ensure our Zero trust framework ensures data is protected at all times
  • Helping govern the response to data exposure and data breach incidents both internally as well as with third parties.

Technical Proficiency:
  • Cybersecurity Depth: Cybersecurity skills include exposure to multiple cybersecurity domains e.g. cybersecurity architecture, engineering, operations, IDAM.
  • Cyber attack framework: First-hand experience in cybersecurity attacks and controls and how one works against the other. Experience with industry cybersecurity best practices and domains, with a constant willingness to learn more. Understanding of the MITRE ATT&CK framework.
  • IT Proficiency: At least 2 years delivering in at least 1 domain of information technology such as networks, application development, and infrastructure. Basic SDLC knowledge to include engineering and deployment plans and review boards.
  • Risk Management: Experience with ServiceNow and eGRC tools and the Integrated Risk Modules within.
  • Data Governance, Loss Prevention and Insider Threat: Expertise in governing framework for DLP monitoring and configuration. Data discovery experience in
  • Problem-Solving and Proactivity: Ability to identify opportunities for improvement and assist in the implementation of solutions. Initiative and autonomy in supporting ECR's strategic and operational goals.
  • Collaborative Mindset: Strong teamwork and community-building skills with the ability to collaborate effectively with cross-functional teams and stakeholders at various levels of seniority.
  • Administrative skill: Exposure to foundational data analytics. Basic Excel skills. Basic PowerPoint and Power BI Reporting.
  • Communication Skills: Ability to communicate effectively with both technical and non-technical stakeholders.
  • Adaptability and Flexibility: Ability to work in a dynamic environment and adapt to changing priorities.
  • Attention to Detail: Strong organizational skills and attention to detail in data analysis and reporting.

Qualifications
  • Bachelor's degree in Computer Science or Cybersecurity related field - required
  • Post-graduate work or thesis in Risk Management - preferred
  • Minimum 15+ years relevant experience within Information or Cyber Security
  • 8+ years experience serving specifically in Cybersecurity leadership roles
  • Technical certification such as OSCP, CEH, CCSP, PenTest+, CISSP, SANS GIAC or equivalent to demonstrate technical proficiency - strongly preferred
  • Must have hands on experience delivering in security capabilities and the technologies powering a security stack, as well as first-hand knowledge of what it takes to engineer and deliver on IT and security technologies and controls
  • Must have experience in making security decisions, prioritization, and trade-offs based on risk
  • Experience delivering in at least two of the three lines of defense, demonstrating an understanding of what it's like to be in the audit or owner seat.
  • Previous business management experience preferred, demonstrating effective senior stakeholder engagement and influence capability
  • Demonstrated experience in analysis, data gathering, data collation and data interpretation
  • Strong working knowledge of security frameworks, policies and industry standards, appropriate and secure functionality of infrastructure and applications, and experience in assessing and mitigating technology risk
  • Strong understanding of and experience adhering to industry standards and frameworks such as NIST CSF, PCI, SOX, ISO/IEC 27001, NIST SP800, COBIT, ITIL, etc.
  • Ability to dive deeply into technical subject matter with IT and Security leadership and SMEs, influencing and leading change in the technical and process approaches in order to improve the security of the organization
  • Ability to effectively communicate technical topics in the business language in order to drive successful outcomes for the organizationDemonstration of leadership/management assignments, and prioritization of competing urgencies
  • Broad experience in team management with a global and virtual capability, demonstrating strong leadership, influence and motivational skills with a known good reputation in both skillset and relationships in the security industry.
  • Deep experience in building and leading teams, identifying and developing cybersecurity talent, and driving operational excellence and effectiveness across security architecture, engineering and operations
  • Track record in building and leading strong teams of thriving, motivated, skilled individuals
  • Ability to lead and influence solution development i...

Apply