VP, Security at Stax Payments
Description
The VP, Security is a key executive leader responsible for advancing Stax's enterprise security posture across cloud infrastructure, applications, identity and access management, and compliance frameworks. This role oversees all security operations, vulnerability management, audit programs (PCI DSS, SOC 1, SOC 2), and the strategic integration of security tools and controls. The VP, Security directs cross-functional teams, establishes security governance, and ensures alignment between Technology, Engineering, IT, Product, and Compliance on security strategy and execution. This position requires executive presence, hands‑on cloud security expertise, and demonstrated ability to manage complex security transformations and third‑party vendor relationships.
Responsibilities
Compliance, Audit & GRC Leadership
Own and oversee Stax's PCI DSS and SOC 2 audit programs, ensuring successful annual execution, evidence collection, and remediation planning in partnership with external auditors
Lead implementation and oversight of the SOC 1 audit program (Budget allocated for 2026) and coordinate requirements across all relevant business units
Establish and maintain comprehensive security governance frameworks aligned with PCI DSS, SOC 1, and SOC 2 requirements
Drive continuous improvement in audit readiness, control testing, and documentation to reduce remediation cycles
Serve as executive liaison to external auditors, ASVs, and compliance partners
Cloud Security Architecture & AWS Governance
Drive automation of security controls through Infrastructure-as-Code and AWS native capabilities
Align AWS security posture with PCI encryption and network segmentation requirements
Partner with Engineering and Cloud Architecture teams to embed security controls into CI/CD pipelines and deployment workflows
Security Operations & Threat Detection
Direct Security Operations Center (SOC) activities and incident response programs, including Splunk for SIEM, log analytics, and security event management; CrowdStrike for endpoint detection and response (EDR) and threat hunting; ReliaQuest for managed security services and SOC expansion; and Cloudflare for DDoS mitigation, WAF, and perimeter security
Ensure continuous improvement in detection capabilities, response playbooks, and mean‑time‑to‑respond metrics
Oversee Security Operations team (Jose Alvarado lead) and secure additional resources as needed for scaling operations
Maintain operational readiness and cross‑training across Splunk, CrowdStrike, ReliaQuest, and Cloudflare platforms
Vulnerability Management & Remediation
Oversee comprehensive vulnerability management program using Tenable for external vulnerability scans (ASV), Qualys for internal scanning, AWS Inspector, Snyk for SCA, SonarQube for SAST, and Aikido for runtime security integration
Monitor and report on vulnerability metrics, including remediation coverage across Stax Bill, BlockChyp, and other key platforms
Implement blocking policies for critical vulnerabilities in deployment pipelines (in coordination with Aikido rollout)
Ensure remediation accountability across CMD teams and engineering organizations
Identity, Access & Authentication
Own Okta security posture and oversee all Okta upgrade initiatives, including Okta FastPass passwordless rollout, governance, access control policy enforcement, and coordination of PCI requirements with IT and Compliance teams
Establish and enforce least‑privilege access principles across all systems and cloud environments
Partner with IT to maintain Okta security hardening and MFA enforcement
Application & Code Security
Oversee the GitHub Enterprise security transition to the CMD team, ensuring repository security controls and access governance remain aligned with compliance requirements, and providing executive sponsorship for budget, training, and organizational adoption
Drive integration of security scanning tools into CI/CD pipelines: Snyk, SonarQube, Human Security for secrets detection, Aikido for runtime protection and deployment gating
Ensure all security scanning policies and deployment gates are enforced and monitored
Endpoint, Mobile & Data Protection
Own endpoint and device security strategy, including CrowdStrike for EDR, Jamf for macOS device management, and Microsoft Intune for Windows and mobile device management, with security policy enforcement and remote wipe capabilities
Oversee Mimecast email security and cross‑train teams on operations and threat handling
Lead Zscaler DLP rollout and data loss prevention capabilities across the organization
Manage VDI security strategy and access controls for sensitive environments
Network & Physical Security
Lead Network Hardening (Portnox) project through legal review and coordinate rollout with IT teams
Provide executive sponsorship and direction for Orlando Office Access Control implementation
Own perimeter security strategy using Cloudflare, AWS WAF, and AWS Shield Advanced
Security Awareness & Training
Direct KnowBe4 security awareness and phishing campaign program
Ensure annual security training compliance across all employees in partnership with HR
Establish metrics for phishing click rates, training completion, and user security awareness improvement
Netskope & Advanced Network Security
Oversee the Netskope Zero Trust Network Access rollout: coordinate resumption of the rollout across Engineering, QA, and Executive teams, work with executive sponsors to unblock adoption challenges, and align Netskope security policies with zero‑trust access principles
Human Security & Application Integrity
Oversee Human Security rollout across development applications and infrastructure
Coordinate rollout completion to BlockChyp and other remaining applications
Leverage Human Security for secrets management and insider threat prevention
Team Leadership & Development
Build and lead a high‑performing security team spanning Cloud Security, Application Security, Security Operations, Vulnerability Management, and Governance, Risk & Compliance (GRC)
Establish clear accountability, KPIs, and career development paths for team members
Conduct regular one‑on‑ones, mentoring, and performance management
Foster a culture of proactive security and compliance across the organization
Represent security at executive and board‑level discussions and strategy sessions
Key Relationships & Stakeholder Management
Chief Technology Officer (CTO): Direct reporting relationship; executive alignment on security strategy and resource needs
CMD Team: Oversee GitHub Enterprise transition, coordinate SCA/SAST tool integration
VP Finance: Budget planning, vendor negotiations, and compliance‑related spending
Chief Compliance Officer / Audit: Partner on PCI, SOC 1, SOC 2 program execution and external auditor coordination
HR: Security awareness training, phishing program coordination, and employee onboarding security
Personal Attributes
Strategic thinker with ability to translate security requirements into operational execution
Strong analytical and problem‑solving skills
Results‑oriented and metrics‑driven in approach to security improvement
Excellent written and verbal communication skills
Ability to influence without direct authority across Technology, Engineering, and Business teams
Comfort with ambiguity and ability to drive clarity and alignment
Passion for continuous learning in rapidly evolving security landscape
Core Competencies
Executive Leadership: Strategic planning, team building, and organizational influence
Cloud Security Architecture: AWS infrastructure, identity, and data protection
Compliance & GRC: PCI DSS, SOC 2, audit readiness, and control frameworks
Security Operations: Incident response, threat detection, and 24/7 operations management
Vulnerability Management: Assessment, remediation, and risk prioritization
Stakeholder Management: Executive communication, vendor relationships, and cross‑functional alignment
Technical Depth: Hands‑on knowledge of security tools, cloud platforms, and infrastructure
Compensation & Benefits
Salary: Competitive, based on experience and qualifications
Benefits: Comprehensive benefits package including health insurance, 401(k), Open PTO, professional development budget
Professional Development: Budget for certifications, conferences, and training
Work Environment & Expectations
In office, Orlando, FL, preferred.
May require on‑call support during security incidents or critical system events
Travel for industry conferences, audits, and vendor meetings (estimated 5‑10% annually)
Flexibility to respond to emerging security threats and compliance requirements outside standard business hours when needed
Requirements
10+ years in enterprise or cloud security leadership roles
Minimum 5 years in a Vice President, Director, or equivalent executive‑level security position
Demonstrated expertise managing AWS security services and cloud‑native threat detection (GuardDuty, Security Hub, WAF, Shield)
Proven track record successfully leading PCI DSS and SOC 2 compliance programs through audit cycles
Experience building, leading, and scaling security teams (minimum 5 people)
Strong understanding of vulnerability management, remediation workflows, and security metrics
Demonstrated ability to manage complex security tool integrations and multi‑vendor environments
Executive presence and communication skills for board‑level presentations and stakeholder alignment
Required Knowledge
Deep technical knowledge of SIEM platforms (Splunk preferred) and SOC operations
Familiarity with identity and access management (Okta, Azure AD, or equivalent)
Understanding of Zero Trust architecture and network access controls
Knowledge of endpoint security and EDR platforms (CrowdStrike preferred)
Experience with application security tools and CI/CD pipeline security
PCI DSS compliance requirements and audit frameworks
SOC 2 Type II audit requirements and control frameworks
AWS IAM, networking, encryption, and infrastructure security best practices
Preferred Certifications
CISSP (Certified Information Systems Security Professional)
CISM (Certified Information Security Manager)
AWS Certified Security – Specialty
CCSK (Certified Cloud Security Knowledge)
PCI Qualified Security Assessor (QSA) or related compliance certification
Seniority level
Executive
Employment type
Full‑time
Job function
Other, Information Technology, and Management