About the Role:

The VP, Cyber Risk is responsible for leading initiatives covering information and enterprise security, leveraging secure patterns and checks to identify security control gaps, driving adoption of security solutions, and security uplifts across people, process and technologies. This role within the CISO organization interfaces closely with product owners and influences portfolio leaders across engineering, program and operations. The Cyber Security Risk drives the evolution of our enterprise and corporate solutions through the adoption of strong architecture patterns that yield secure by design solutions. You will work along a rapidly growing team of high-performing security architects, that you will inspire and help grow.

You will engage with a globally distributed team of security professionals and business leaders, interacting regularly with our Zscaler engineers, architects, product experts and developers to create security solutions for a strategic advantage for the world's premiere Zero-Trust company. You will work in a fast-paced and intellectually intense environment to interpret policies and guidelines flexibly enhancing the business and keeping with Zscaler’s values and culture. You will be an integral part of the Zscaler Security Risk Management and Enterprise Architecture teams in delivering the security program for all of Zscaler.

Responsibilities: 

• Influencing executive and senior leaders to mature and adopt industry-leading security architecture across their owned technology portfolio. 
• Supporting teams through change, while handling ambiguous situations and competing priorities.
• Understanding the business strategy, and distilling strategy to relevant security requirements, while engaging in data-backed conversations to get buy-ins from key stakeholders. 
• Sharing best practices in security across business units and bridging between security and the rest of the enterprise. 
• Driving risk management conversations with industry updates and pertinent architecture analysis. Analyzing alongside architects and subject matter experts potential threat scenarios and proposing effective mitigation strategies. 
• Conducting thorough assessments of cyber risks across the enterprise, preparing comprehensive risk reports for executive and senior management, and providing insights into potential risks and advocating for recommended actions. Communicating effectively, ensuring awareness and understanding throughout the business units.
• Maintaining and updating the organization's cyber risk registry, ensuring accurate and up-to-date information on identified risks, their status, and mitigation actions.

Requirements:

• Bachelor’s degree (or equivalent). 
• Minimum of 10 years of information security risk management experience, with a strong background in enterprise and corporate architecture, secure software development practices, infrastructure security, security applications and technologies in private and public clouds as well as corporate environments. 
• Expertise in cyber security practices including configuration and architecture of security tools and products, service-oriented architecture, machine learning and artificial intelligence, etc. 
• Expert knowledge with hands-on experience across security and engineering technology platforms. 
• Knowledge of legal and regulatory requirements related to security and privacy in an international environment, including geo specificities. 
• Executive leadership and ability to interface with executive leaders and influence senior leaders across the entire enterprise. 
• Ability to communicate (written and verbally) highly complex and technical concepts and information risk to technical and non-technical business audiences, driving risk decisions through data-backed storytelling. 
• Experience driving compliance programs and expertise with business risk management, driving towards goals that balance between strong security and enabling business. 
• Experience leading globally distributed and cross-functional teams.
• Ability to operate in a fast-paced environment, leveraging an entrepreneurial mindset to incrementally deliver value and balancing speed and results.