Share this Job

Title:  VP, Chief Information Security Officer


Research Triangle Park, NC, US, 27709

Requisition ID:  40089


Are you data-driven?  We at NetApp believe in the transformative power of data – to expand customer touchpoints, to foster greater innovation, and to optimize operations.  We are designed for simplicity, optimized to protect, created to embrace future opportunity, and open to enrich choice.  We are the data authority for hybrid cloud, and we are helping our customers realize the full potential of their data.


We’ve built a Data Fabric for a data-driven world – to simplify and integrate data management across the resources that are best for the business.  With the Data Fabric, our customers can harness the power of cloud data services, build cloud infrastructures, and modernize storage through data management.

Job Summary

Reporting to the CIO, the Vice President, Chief Information Security Officer is the senior leader responsible for establishing and maintaining our world-wide information protection and enterprise security programs which include, security operations, incident response, vulnerability management, identity management, network security, disaster recovery, risk, policies, governance and compliance.  This leader will have Global responsibility to lead and influence security strategy efforts across the enterprise, to protect assets, align and prioritize our enterprise-wide information protection and security investments, to establish an enhanced information protection framework, mitigate risks, strengthen defenses, improve detection of malicious activities, and minimize vulnerabilities. This role in collaboration with other business leader’s, will be responsible for identifying, evaluating, and reporting on information protection and security risks across the enterprise, and as appropriate will work with other company leaders to determine acceptable levels and drive risk mitigation solutions for the company.

The position will have the opportunity to affect and impact information and security strategy actions cross-functionally and must possess a high degree of integrity, sound judgment, as well as have domain competency in the field of enterprise security and risk management. The ideal candidate is an integrator of people and processes, a thought leader, a problem solver, have a strong knowledge of information protection industry best practices, infrastructure technologies, knowledgeable about attack vectors and techniques attackers use, and strong influencing skills.

Job Requirements

• Develop, implement, and manage an enterprise-wide information protection and enterprise security strategy to ensure the security, integrity, confidentiality, and availability of NetApp’s information assets.
• Ensure all enterprise staff, systems, processes and tools are aligned with NetApp’s information protection and enterprise security strategy
• Lead and leverage a team of direct and indirect information and enterprise security SME’s to drive enterprise-wide information protection and security strategies and programs.
• Build and sustain information protection and enterprise security organization such that it can keep pace with the rapidly evolving threats.
• Develop, maintain, and publish up-to-date information security policies, standards and guidelines.
• Develop and oversee enterprise-wide information protection and security awareness and education
• Assess, collaborate cross-functionally and oversee NetApp’s enterprise-wide security investments.
• Work directly with the business unit leaders to facilitate enterprise-wide, security risk assessments and risk management processes, including maintaining, communicating and ensuring compliance with organizational security policies
• Develop a roadmap for driving improvements in our information security posture.
• Serve as objective central point for security related issues by balancing protection of the enterprise with the need to be operational effective.
• Provide subject matter expertise to executive management on a broad range of security standards, best practices, and compliance requirements.


*Bachelor’s degree or equivalent experience in a relevant discipline (Masters, JD or MBA, highly preferred).
*15+ years of experience in the IT field in a senior security leadership role
*C-level and Board of Director executive interaction experience
*Demonstrated experience driving strategy with cross-functional Executive level stakeholders
*Proven knowledge and experience across multiple information protection and security domains
*Broad knowledge and experience across IT infrastructure with emphasis on end user, hosting and networking domains
*Understanding and effectively applying trends and developments in the area of global security and risk management
*Ability to frame and communicate security and risk-related concepts to all technical and nontechnical audiences, at all levels
*Demonstrated ability to drive organizational change and work with multiple business units of an organization to effect change
*Professional security certifications such as CISSP, CCISO, or CISA or equivalent experience

*Experience with security frameworks and standards such as ISO 17799/27001, NISPOM, PCI, and other relevant security-related regulations

*Understands end-customer requirements and governance (ex. w/Banks)

*Skilled with core tools:  SEIM, DLP, NAC, Identity Management. etc.

*Technology literate:  Firewalls, defense-in-depth, NAC, endpoint agents, etc.

*Comfortable with emerging technologies such at UBA, CASB, AI/ML, etc.

*Able to quantify and measure Security Program Success (ex. NIST)

*Well-versed in complex Software Development methodologies


So get ready to tap into the data visionary within, and join us as we accelerate digital transformation and empower our customers to change the world with data!


If you ask a NetApp employee why they work here, the answer is inevitably the same: the people. At NetApp, our culture is at the heart of what we do. We place importance in trust, integrity, teamwork, and caring above all else. NetApp is a place where people are empowered to make a difference. Empowered to innovate. Empowered to collaborate. Empowered to help ourselves and others be data-driven and change the world. We take care of each other, our customers, our partners, and our communities simply because it’s the right thing to do.


We work hard but also recognize the importance of work-life balance for our employees because what’s important to them is important to us!  Recently we implemented Family First, which encourages employees to take paid time off to bond with a new child (through birth or adoption) or to care for a family member with a serious health condition.  Our volunteer time off program is best in class, offering employees 40 hours of paid time off per year to donate their time with their favorite organizations.  We provide comprehensive medical, dental, wellness and vision plans for you and your family.  We offer educational assistance, legal services, and access to discounts and fitness centers. We also offer financial savings programs to help you plan for your future.  


Join us and see what empowerment can do. 



Equal Opportunity Employer Minorities/Women/Vets/Disabled

Nearest Major Market: Durham
Nearest Secondary Market: Raleigh

Job Segment: Executive, Information Security, Medical, Risk Management, Compliance, Management, Technology, Healthcare, Finance, Legal