The Chief Information Security Officer is responsible for delivering strategic vision and operational oversight for the Enterprise Information Security Architecture and Security Operations Center. The role will be responsible for working with internal and external partners to manage the Information Security Organization, define a comprehensive strategy aligned to business objectives, and execute the approved program sequence, implementing project/program work to drive stakeholder accountability and ensure business outcomes.
Responsibilities
- Information Security Strategy: Develop and implement a comprehensive information security strategy aligned with the organization's objectives. Continuously assess and update security protocols, frameworks, and policies to address emerging threats and compliance requirements.
- Security Architecture Design: Drive the development and maintenance of the organization's security architecture, ensuring it aligns with business objectives, regulatory requirements, and industry best practices. Design secure systems, networks, and infrastructure, considering scalability, resiliency, and emerging technologies.
- Security Operations Management: Lead the security operations team for product and infrastructure, ensuring the implementation of robust security controls, incident response protocols, vulnerability management, and security monitoring. Foster a proactive and efficient security operations center (SOC) to detect, respond to, and recover from security incidents.
- Team Management: Effectively manage security champions for product who are responsible for security operations, architecture, and related functions. Establish and maintain strong communication channels, facilitate knowledge sharing, and drive team collaboration to achieve common security goals.
- Risk Assessment and Compliance: Conduct regular risk assessments and audits to identify vulnerabilities, prioritize risks, and ensure compliance with relevant regulations and industry standards. Develop and maintain effective controls and processes to safeguard sensitive information and prevent unauthorized access.
- Incident Response and Investigation: Oversee incident response activities, coordinating with cross-functional teams to promptly detect, investigate, and resolve security incidents. Develop and maintain an incident response plan, ensuring effective communication, documentation, and post-incident analysis.
- Vendor and Third-Party Management: Assess and manage security risks associated with third-party vendors and partners. Establish and maintain security-related contracts, service-level agreements, and ongoing vendor assessments to ensure adherence to security standards.
- Performance Monitoring and Reporting: Establish key performance indicators (KPIs) and metrics to measure the effectiveness of security operations, architecture, and remote offshore teams. Prepare executive-level reports, deliver presentations, and provide recommendations to senior management. Collaborate with executive stakeholders to develop strategic initiatives aligning with company goals.
You will be successful in this role if you have:
- A track record of being an accomplished Information Technology Leader from a highly regarded, global, diversified company known for innovation, process excellence, and continuous improvement.
- A steep career trajectory, meaningful breadth of experience, and the potential for further career growth.
- Exceptional communication skills and the ability to influence executives at the highest levels.
- Incredible focus on detail and ability to be hands-on, while also setting an inspiring vision for your organization.
- Ability to collect and synthesize information, making it relevant, understandable, and actionable for key stakeholders.
- A results-oriented and energetic approach to achieving organizational goals and objectives.
- Experience training and coaching others (especially non-technical colleagues on frameworks and models).
- Demonstrated leadership experience implementing Information Technology discipline, displaying an ability to effectively navigate and influence cross-functional, matrixed organizations.
- An inclusive and collaborative approach to problem solving with a bias for forward thinking.
- An understanding of modeling methods to solve business problems.
- Ability to lead complex analysis and work with broad parameters in complex situations in order to drive meaningful conclusions and recommendations to business partners, and to communicate analysis and recommendations effectively across a range of audiences.
Qualifications
- Bachelor's or master's degree in Computer Science, Information Security, or a related field. Relevant certifications such as CISSP, CISM, CISA are highly desirable.
- Proven experience of at least 12 years in information security management, including security operations, architecture, and managing remote offshore teams.
- Strong knowledge of security frameworks, product development frameworks (SSDF), standards, and best practices, such as ISO 27001, NIST Cybersecurity Framework, DFARS, CMMC, and GDPR.
- Extensive experience in independently leading security operations, including incident response, threat intelligence, vulnerability management, and security monitoring.
- Proficiency in security architecture design, product security, responding to vendor questionnaires and cybersecurity forms, network security, cloud security, identity and access management, encryption, and secure coding practices.
- Demonstrated ability to effectively manage remote offshore teams, fostering collaboration, communication, and achieving shared security objectives.
- In-depth understanding of risk assessment methodologies, compliance requirements, and privacy regulations.
- Excellent leadership and interpersonal skills, with the ability to engage and influence stakeholders at all levels of the organization.
- Strong analytical and problem-solving skills, with the ability to prioritize and manage multiple initiatives simultaneously.
- Effective verbal and written communication skills, including the ability to convey complex security concepts.