Job Specifications
Headquartered in Alpharetta, Georgia, National Christian Foundation (NCF) is a 501(c)(3) charitable grantmaking ministry that provides creative giving solutions and inspires biblical generosity among Christian families, advisors, and charities. NCF has received more than $26 billion in contributions and made more than $21 billion in giver-recommended grants to 90,000 charities. NCF is an industry leader in accepting gifts of appreciated assets such as stocks, real estate, and business interests, which enable givers to save taxes and maximize charitable gifts. We combine a faith-based approach and like-minded local presence with the support and expertise of a trusted national organization. Learn more at www.ncfgiving.com .
Position Overview
The purpose of this position is to represent Global Security, Governance, Risk Management, Security Operations and Incident Response advocating for information security, data privacy, and disaster recovery working with all other appropriate stakeholders. Ensures compliance programs and Information Security policy deliverables are met by establishing and maintaining the vision, strategy, architecture, multi-year roadmap and budget that ensures NCF's information assets are protected by performing the following duties personally or through subordinate employees.
This position is hybrid based out of the office in Alpharetta, GA.
Reports to: Chief Information Officer
Management/Supervision: Senior Security Engineers
Duties & Responsibilities
Strategic Influencer: Continue to drive the overall security posture throughout an organization. The VP will identify current needs, as well as anticipate future needs. Articulate risk and put together a balanced, proper security plan: not overly conservative but business-risk based. Provides updates to the Executive Leadership team on program metrics, industry standards and best practices, status of current and emerging threats, and advises on appropriate courses of action.
Team Builder & Leadership: The VP should evaluate the existing security team and build the necessary skillsets required to continue the maturity of the security program . The VP will have a high level of personal integrity, with the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity. They shall have experience in managing a team, as well as managing resources provided by MSP's.
Domain Expertise: The VP shall have a proven background in security leadership, ideally possessing the following areas of expertise at scale to complete the following functions:
Securing Corporate Assets: The VP will have experience implementing world class programs for AppSec, InfoSec, and CorpSec, keeping data safe for Kingdom assets as well as its employees. The VP has designed and implemented security assurance practices including threat modeling and penetration testing and possesses in-depth knowledge of common application, infrastructure security vulnerabilities, and mitigations skilled at implementing secure modern Identity and Access Management (IAM).
Governance / Risk / Compliance: The VP will possess a strong knowledge of standards and information security while ensuring ongoing company compliance including exposure to controls around the Service Organization Control 1 and 2 (SOC 1 /SOC 2), NIST 800-30, ISO 27001, Payment Card Industry Security Standards (PCI), Cloud Security Alliance (CSA), and various other laws and regulations will be ideal. They are also responsible for the completion of internal/external audits and insurance documents. In addition, the VP leads the development of up-to-date information security policies, procedures, standards and guidelines, and oversees their approval with the Security Committee, implementation and maintenance.
Securing the Public Cloud: The VP shall have an understanding of cloud computing architectures and security challenges with running multi-tenant environments at scale in public cloud environments particularly in Microsoft Azure to support our technology transformation.
Application and Infrastructure Security / Collaborate with Engineering: The VP will be closely involved in maintaining and improving security partnering with enterprise architects, infrastructure, and application teams to ensure technologies are developed and maintained according to security best practices, policies and guidelines. Prior experience in leading application security and advocating for product security improvements with product teams.
Additional Responsibilities
Credible External Posture: In addition to the heavily focused internal scope, the VP will also be responsible for guiding, narrating, and elevating the company's external security posture and narrative.
Exceptional Communicator: The ideal candidate shall be an excellent storyteller with the ability to articulate a clear vision that balances technical expertise, pragmatic understanding of the security landscape, principled decision ma
About the Company
At the National Christian Foundation (NCF), we understand the challenges that come with being entrusted with much. For more than four decades, we've come alongside generous Christians and their advisors to guide them through the complicated landscape of giving so they can make the most of all God has entrusted to them. We are the largest Christian donor-advised fund (DAF) sponsor, inspiring biblical generosity in more than 180 local communities across the country. Since 1982, we've sent more than $20 billion to more than 90,...
Know more