The role of Vice President of Information Security typically belongs to one of the top or in many cases the top executive responsible for cybersecurity within an organization.
But what, exactly, is the job description of a VP of Information Security?
Painted with a broad brush stroke, you could say the role is to establish, implement, and maintain an enterprise-wide information security program to ensure data assets are adequately protected.
However, many VP of InfoSec roles are also focused on business enablement.
We asked Netflix DVD Vice President of Information Security Jimmy Sanders about this.
Sanders is on the Advisory Council for SecureWorld Bay Area and is the President of the San Francisco Bay Area ISSA chapter. We interviewed him in Santa Clara.
Role of the Vice President of Information Security
Watch our full interview with Sanders, or read snippets below:
[SW] At a high level, what is your role as the VP of Information Security?
[JS] “My job is to ensure that our security maintains the culture and the vision of our origins. Our culture is based on two aspects, called freedom and responsibility. We will give developers, we will give engineers, we’ll give different practitioners the freedom to do what they want to do. But it is their responsibility to do it to a certain standard. And so my security tools have to be in lockstep with that. My tools can’t block them from the freedom that is a core tenant of Netflix.”
[SW] It sounds like your security team supports the business and you are passionate about that.
[JS] “I love my job. I’m at a company where it’s not me dictating things. The culture is visible, it is upfront, and we adhere to it. People can push back against you if they don’t think you have a valid idea. And I love the fact that the best idea wins at the company. It’s not who is most politically motivated, it’s not the person who spends the most money, it’s not the person with the most patents. It’s not even the person with the best title. It’s the person with the best idea.”
MORE: Hear from US Bank Business Information Security Officer Mike Kearn: I'm a BISO and This Is What I Do.
