Vice President of Information Security & Infrastructure
US
SWCA Environmental Consultants
Req #: 14706
Type: Regular
|
|
||||||||||
|
|||||||||||
Overview: The Vice President of Information Security & Infrastructure is responsible for leading the organization's enterprise cybersecurity, infrastructure, cloud operations, technical support, end-user computing, IT compliance, procurement, and asset management functions. This executive leader serves as the organization's senior authority for: * Cybersecurity Strategy, * Cyber Risk Management, * Infrastructure Modernization, * Cloud Transformation, * Regulatory Compliance, * Operational Resiliency, and, * Secure Enterprise Technology Operations. The role combines the responsibilities of a traditional Chief Information Security Officer (CISO) with leadership over enterprise infrastructure and core IT operational services. This position partners closely with executive leadership, legal, operations, HR, finance, and business leaders to ensure technology platforms and cybersecurity capabilities enable business growth, operational excellence, client trust, and federal compliance readiness. Please include a Cover Letter to be considerd for this position. Application Deadline: Application materials are due at 5:00 PM MDT on Monday June 15, 2026. Responsibilities: Overall Responsibilities include: Cybersecurity & Information Security Leadership * Lead and mature the enterprise cybersecurity program across all corporate, cloud, and operational environments. * Develop and execute the organization's cybersecurity strategy aligned with business objectives, client requirements, and regulatory obligations. * Serve as the executive leader responsible for cyber risk management, security governance, and enterprise security operations. * Provide executive and Board-level reporting on cybersecurity posture, risk exposure, incidents, and strategic initiatives. * Establish and maintain enterprise security policies, standards, procedures, and governance frameworks. * Lead enterprise incident response, cyber crisis management, and ransomware preparedness programs. * Oversee security operations including: * threat detection, * monitoring, * vulnerability management, * endpoint security, * identity security, * and third-party risk management. * Partner with legal, compliance, privacy, and HR teams on cyber governance and investigations. IT Compliance, CMMC & CUI Responsibilities * Lead enterprise IT compliance initiatives including: * CMMC, * NIST 800-171, * CUI governance, * and related federal security requirements. * Build and operationalize Controlled Unclassified Information (CUI) enclave environments. * Define enclave segmentation, governance, access controls, and operational standards. * Lead organizational readiness for CMMC Level 1 compliance initiatives; experience supporting or preparing for CMMC Level 2 strongly preferred. * Develop and manage: * System Security Plans (SSPs), * Plans of Action & Milestones (POA&M), * audit evidence, * and compliance governance processes. * Partner with federal clients, auditors, and external assessors as needed. * Ensure proper handling, classification, protection, and retention of CUI and sensitive client information. Infrastructure & Cloud Leadership * Provide executive leadership over enterprise infrastructure operations including: * networking, * servers, * cloud platforms, * storage, * identity services, * and enterprise connectivity. * Lead modernization initiatives including migration from on-premises infrastructure to cloud-first and hybrid-cloud architectures. * Define and execute enterprise cloud strategies across platforms such as: * Microsoft Azure, * AWS, * Microsoft 365, * and SaaS ecosystems. * Drive Zero Trust and identity-centric security architecture strategies. * Oversee infrastructure resiliency, disaster recovery, backup, and business continuity programs. * Ensure scalable and secure infrastructure operations supporting distributed offices, remote workforce, and field operations. IT Operations Leadership Oversee enterprise operational leadership for: * IT Infrastructure * IT Support / Service Desk * End User Computing * IT Procurement * IT Asset Management Specific responsibilities include: * Leading and mentoring IT Directors and operational technology leaders. * Establishing operational KPIs and service management standards. * Improving IT service delivery and user experience across the enterprise. * Managing enterprise hardware/software lifecycle governance. * Driving vendor management, contract management, and strategic procurement optimization. * Establishing mature IT asset lifecycle and governance practices. Leadership & Strategic Responsibilities * Partner with executive leadership to align technology and cybersecurity strategies with business objectives. * Support mergers, acquisitions, integrations, and enterprise growth initiatives. * Build and lead high-performing infrastructure and cybersecurity teams. * Develop multi-year strategic technology and security roadmaps. * Manage departmental budgets, technology investments, and operational planning. * Foster a culture of security awareness, accountability, innovation, and operational excellence. * Serve as a trusted advisor to leadership, clients, and strategic partners. Qualifications: Required Qualifications * Bachelor's degree in Information Technology, Cybersecurity, Computer Science, Engineering, or related field. * 15+ years of progressive IT and cybersecurity leadership experience. * 7+ years in senior leadership roles managing enterprise infrastructure and cybersecurity organizations. * Experience within the Architecture, Engineering, and Construction (AEC), Environmental Consulting, Engineering Services, or Federal Contracting industries. * Demonstrated experience leading enterprise cybersecurity programs in complex distributed environments. * Hands-on experience migrating organizations to cloud and hybrid-cloud environments. * Demonstrated experience implementing and operationalizing CUI enclave environments. * Experience supporting or leading CMMC Level 1 initiatives. * Strong experience with: * NIST frameworks, * Zero Trust architecture, * identity and access management, * incident response, * vulnerability management, * and enterprise infrastructure operations. * Experience managing enterprise infrastructure teams including: * networking, * cloud, * servers, * end-user computing, * and IT operations. * Strong executive communication and Board presentation capabilities. Preferred Qualifications * Experience supporting or preparing organizations for CMMC Level 2 certification. * Experience with Microsoft GCC or GCC High environments. * Experience building secure enclave or segmented federal compliance environments. * Experience supporting geographically distributed organizations and field operations. * Prior experience integrating cybersecurity into mergers and acquisitions activities. * Master's degree preferred. Preferred Certifications * CISSP * CCSP * CISM * CMMC Registered Practitioner * ITIL * Azure or AWS cloud certifications Success Characteristics The ideal candidate will demonstrate: * Strong executive leadership presence * Operational and strategic cybersecurity expertise * Deep infrastructure and cloud modernization knowledge * Strong understanding of CUI and federal compliance environments * Ability to balance security with operational enablement * Strong business acumen and risk-based decision making * Collaborative leadership style * Ability to lead through transformation and organizational growth About SWCA We are 100% employee-owned, and we build our success together. With offices across the United States, SWCA is one of the largest environmental compliance firms and ranks among Engineering News-Record's Top 200 Environmental Firms. We offer a supportive, team-oriented work environment and competitive wages and benefits, including an 100% employee stock ownership plan (retirement). At SWCA, we support our team members in developing their careers to make them leaders in their
Share this job:
