VP, Information Security

Company Description

Agentis Financial is a pioneering credit card servicing platform revolutionizing the way co-brand programs are launched, managed, and scaled. Through its Loyalty-as-a-Service model, Agentis empowers partners to design personalized, data-driven credit programs with enhanced agility and efficiency, aligning more closely with customer needs. Integrated analytics and real-time insights enable optimization of risk, marketing strategies, and overall portfolio performance. Agentis supports both established issuers and emerging brands, transforming co-brand credit card programs into powerful growth drivers that enhance customer loyalty and fuel business success.

Role Description

Agentis Financial is seeking a Vice President of Information Security to lead the company’s security strategy, governance, and risk management functions across our platform and

operations.

This role is responsible for building and scaling a comprehensive information securityprogram that protects customer data, ensures regulatory compliance, and supports the secure growth of our credit card servicing platform. The VP of Information Security will partner closely with engineering, infrastructure, compliance, and executive leadership to

embed security into all aspects of the organization.

The ideal candidate brings deep experience in financial services or fintech environments, with a strong understanding of regulatory frameworks, data protection, and modern

security architecture. This individual will operate both strategically and tactically, setting direction while ensuring effective execution across security operations.

This is a hybrid role based in Lenexa, Kansas, requiring a combination of onsite presence and remote work.

Key Responsibilities

Security Strategy & Leadership

• Define and execute the company’s information security strategy aligned with business objectives and regulatory requirements
• Establish security as a core organizational capability across product, infrastructure, and operations
• Serve as the primary security advisor to executive leadership on risk, threats, and mitigation

Governance, Risk & Compliance

• Design and maintain security policies, standards, and control frameworks
• Ensure compliance with relevant regulations and industry standards (PCI DSS, SOC2, GLBA, etc.)
• Lead risk assessments, audits, and third-party security reviews
• Oversee incident response planning, testing, and execution

Security Architecture & Operations

• Oversee the design and implementation of secure systems, networks, and application architectures
• Partner with engineering and IT to integrate security into infrastructure, cloud environments, and development workflows
• Manage security tools including SIEM, endpoint protection, identity and access management, and vulnerability management
• Monitor threats, vulnerabilities, and emerging risks, ensuring timely mitigation

Data Protection & Privacy

• Establish and enforce data security and privacy controls across the organization
• Ensure proper handling, storage, and transmission of sensitive financial and customer data
• Partner with legal and compliance teams on data governance and privacy requirements

Third-Party & Vendor Security

• Develop and manage third-party risk management processes
• Evaluate and monitor the security posture of vendors, partners, and service providers

Security Awareness & Culture

• Promote security awareness across the organization through training and internal programs
• Ensure employees follow best practices for data protection and system access
• Team Leadership & Development
• Build and lead a high-performing information security team
• Establish processes, metrics, and accountability across security operations
• Manage external vendors and security partners as needed

Qualifications

• 10 years of experience in information security, cybersecurity, or related roles, with at least 5 years in a leadership capacity.
• Experience in financial services, fintech, or highly regulated environments strongly preferred.
• Deep understanding of security frameworks and standards such as PCI DSS, SOC 2, ISO 27001, NIST, and GLBA.
• Experience with cloud security (AWS, Azure, or GCP), application security, and modern infrastructure environments.
• Proven experience leading incident response, risk management, and compliance programs.
• Relevant certifications such as CISSP, CISM, or CISA preferred.

Deep technical understanding of modern security architectures and threats

Key Skills

• Experience operating in high-growth or evolving environments
• Strong strategic thinking and ability to translate risk into business impact
• Excellent communication skills with ability to influence executive stakeholders
• Strong leadership and team-building capabilities

Ability to balance security rigor with business agility