Job Description

Chief Information Security Officer is responsible for delivering strategic vision and operational oversight for the Enterprise Information Security Architecture and Security Operations Center. The role will be responsible for working with internal and external partners to manage the Information Security Organization, define a comprehensive strategy aligned to business objectives, and execute the approved programs sequence, implementing project/program work to drive stakeholder accountability ensure business outcomes.

Fortive Corporation Overview

Fortive’s essential technology makes the world stronger, safer, and smarter. We accelerate transformation across a broad range of applications including environmental, health and safety compliance, industrial condition monitoring, next-generation product design, and healthcare safety solutions.

We are a global industrial technology innovator with a startup spirit. Our forward-looking companies lead the way in software-powered workflow solutions, data-driven intelligence, AI-powered automation, and other disruptive technologies. We’re a force for progress, working alongside our customers and partners to solve challenges on a global scale, from workplace safety in the most demanding conditions to groundbreaking sustainability solutions.

We are a diverse team 18,000 strong, united by a dynamic, inclusive culture and energized by limitless learning and growth. We use the proven Fortive Business System (FBS) to accelerate our positive impact.

At Fortive, we believe in you. We believe in your potential—your ability to learn, grow, and make a difference.

At Fortive, we believe in us. We believe in the power of people working together to solve problems no one could solve alone.

At Fortive, we believe in growth. We’re honest about what’s working and what isn’t, and we never stop improving and innovating.

Fortive: For you, for us, for growth.

• Information Security Strategy: Develop and implement a comprehensive information security strategy aligned with the organization's objectives. Continuously assess and update security protocols, frameworks, and policies to address emerging threats and compliance requirements.
• Security Architecture Design: Drive the development and maintenance of the organization's security architecture, ensuring it aligns with business objectives, regulatory requirements, and industry best practices. Design secure systems, networks, and infrastructure, considering scalability, resiliency, and emerging technologies.
• Security Operations Management: Lead the security operations team for product and infrastructure, ensuring the implementation of robust security controls, incident response protocols, vulnerability management, and security monitoring. Foster a proactive and efficient security operations center (SOC) to detect, respond to, and recover from security incidents.
• Team Management: Effectively manage security champions for product responsible for security operations, architecture, and related functions. Establish and maintain strong communication channels, facilitate knowledge sharing, and drive team collaboration to achieve common security goals.
• Risk Assessment and Compliance: Conduct regular risk assessments and audits to identify vulnerabilities, prioritize risks, and ensure compliance with relevant regulations and industry standards. Develop and maintain effective controls and processes to safeguard sensitive information and prevent unauthorized access.
• Incident Response and Investigation: Oversee incident response activities, coordinating with cross-functional teams to promptly detect, investigate, and resolve security incidents. Develop and maintain an incident response plan, ensuring effective communication, documentation, and post-incident analysis.
• Vendor and Third-Party Management: Assess and manage security risks associated with third-party vendors and partners. Establish and maintain security-related contracts, service-level agreements, and ongoing vendor assessments to ensure adherence to security standards.
• Performance Monitoring and Reporting: Establish key performance indicators (KPIs) and metrics to measure the effectiveness of security operations, architecture, and remote offshore teams. Prepare executive-level reports, deliver presentations, and provide recommendations to senior management. Collaborate with executive stakeholders to develop strategic initiatives aligning with company goals.

Required Qualifications

• Bachelor's or master's degree in computer science, Information Security, or a related field. Relevant certifications such as CISSP, CISM, CISA are highly desirable.
• Proven experience of at least 12 years in information security management, including security operations, architecture, and managing remote offshore teams.
• Strong knowledge of security frameworks, product development framework (SSDF) & standards, and best practices, such as ISO 27001, NIST Cybersecurity Framework, DFARS, CMMC and GDPR.
• Extensive experience in independently leading security operations, including incident response, threat intelligence, vulnerability management, and security monitoring.
• Proficiency in security architecture design, Product security, responding to vendor questionnaire and cyber security forms, network security, cloud security, identity and access management, encryption, and secure coding practices.
• Demonstrated ability to effectively manage remote offshore teams, fostering collaboration, communication, and achieving shared security objectives.
• In-depth understanding of risk assessment methodologies, compliance requirements, and privacy regulations.
• Excellent leadership and interpersonal skills, with the ability to engage and influence stakeholders at all levels of the organization.
• Strong analytical and problem-solving skills, with the ability to prioritize and manage multiple initiatives simultaneously.
• Effective verbal and written communication skills, including the ability to convey complex security concepts.

Preferred Qualifications

• A track record of being an accomplished Information Technology Leader from a highly regarded, global, diversified company known for innovation, process excellence, and continuous improvement.
• A steep career trajectory, meaningful breadth of experience, and the potential for further career growth.
• Exceptional communication skills and the ability to influence executives at the highest levels.
• Incredible focus on detail and ability to be hands on, while also setting an inspiring vision for your organization.
• Ability to collect and synthesize information, making it relevant, understandable, and actionable for key stakeholders.
• A result oriented and energetic approach to achieving organizational goals and objectives.
• Experience training and coaching others (especially non-technical colleagues on frameworks and models).
• Demonstrated leadership experience implementing Information Technology discipline, displaying an ability to effectively navigate and influence cross functional, matrixed organizations.
• An inclusive and collaborative approach to problem solving with a bias for forward thinking.
• An understanding of modeling methods to solve business problems.
• Ability to lead complex analysis and work with broad parameters in complex situations in order to drive meaningful conclusions and recommendations to business partners and are effective at communicating analysis and recommendations across a range of audiences.

NA

We are Omnissa!

The world is evolving fast, and organizations everywhere—from corporations to schools—are under immense pressure to provide flexible, work-from-anywhere solutions. They need IT infrastructure that empowers employees and customers to access applications from any device, on any cloud, all while maintaining top-tier security. That’s where Omnissa comes in.

The Omnissa Platform is the first AI-driven digital work platform that enables smart, seamless and secure work experiences from anywhere. It uniquely integrates multiple industry-leading solutions including Unified Endpoint Management, Virtual Apps and Desktops, Digital Employee Experience, and Security & Compliance through common data, identity, administration, and automation services. Built on the vision of autonomous workspaces - self configuring, self-healing, and self-securing - Omnissa continuously adapts to the way people work; delivering personalized and engaging employee experiences, while optimizing security, IT operations and costs. we're experiencing rapid growth—and this is just the beginning of our journey!

At Omnissa, we’re driven by a shared mission to maximize value for our customers. Our five Core Values guide us: Act in Alignment, Build Trust, Foster Inclusiveness, Drive Efficiency, and Maximize Customer Value—all with the aim of achieving shared success for our clients and our team. As a global private company with over 4,000 employees, we’re always looking for passionate, talented individuals to join us. If you're ready to make an impact and help shape the future of work, we’d love to hear from you!

What is the opportunity?

Reporting to the SVP, Operations, the Chief Information Security Officer will be a strong leader who can develop, implement, and oversee the overall information security strategy for our organization. This role requires strong collaboration with cross-functional teams to ensure that our systems and data are protected against cybersecurity threats, as well as building robust data protection practices to instill trust with our customers. This role will be responsible for Commercial, Federal & On-Premise Product Compliance, Privacy Operations, Customer Security Assurance, Risk Management, Incident & Crisis Management, Enterprise Resiliency, Information Security Engineering, Architecture, Security Operations, Product and Applications Security as well as liaising with R&D, Sales, Marketing, Legal, and other stakeholders to include customers. Proficient in business dynamics and well-versed in information protection and privacy laws, the ideal candidate will demonstrate the ability to work autonomously and collaborate with diverse stakeholder groups to uphold and build upon Omnissa’s secure operating environment.

The ideal candidate will have a proven track record of building and/or implementing and improving the maturity of security programs in cloud-based SaaS organizations and possess excellent leadership and communication skills. You must have the ability to effectively balance risk and business priorities.

• Define and optimize the security strategy in concert with the executive leadership team, and stakeholders across the business.
• Lead the development and implementation of comprehensive information security strategies and initiatives in concert with the executive leadership team, and stakeholders across the business to protect the confidentiality, integrity, and availability of Omnissa systems and data.
• Work with customers and prospects to address security concerns as well as supporting GTM where significant deals require interaction from the CISO to close.
• Identify, assess, and prioritize security risks and vulnerabilities across the organization.
• Develop and implement risk management processes to mitigate threats effectively. Coaching and mentoring to ensure your team members are motivated and engaged.
• Provide continuous feedback to ensure that they continue to add value while maintaining high standards.
• Collaborate with Engineering and Product Leaders and other organization stakeholders to help define and influence wider product strategy, roadmaps, and designs.
• Lead commercial, federal, and product compliance programs.
• Establish and administer a privacy and security incident response process and be actively engaged on high priority incidents, including preparation, investigation, response, and impacted customer notification and communications.
• Build strategic and comprehensive plans to define, develop, maintain, and implement policies and processes that enable consistent, effective data security practices to minimize risk and ensure the confidentiality of information and customer data as well as deepen the trust with customers and partners.
• Monitor compliance with security policies and procedures and drive continuous improvement efforts.
• Develop and manage privacy and security awareness training programs for employees to promote a culture of security and privacy awareness and best practices throughout the organization.
• Establish a strategic framework to guide annual security investment decisions, incorporating KPI’s and metrics to measure performance and outcomes effectively.
• Collaborate with legal teams to ensure compliance with evolving laws and regulations, translating regulatory knowledge into actionable plans to mitigate potential risks.
• Provide regular briefings to the Executive Team, Board and Investors on security status and risks; advocate for the overall security strategy and necessary budget allocation; disseminate security and risk management best practices across all business functions.
• Ensure compliance with relevant industry standards, regulations, certifications, and legal requirements, such as ISO 27001, SOC 2, HIPAA, GDPR, PCI, ISMAP IRAP, FedRAMP, SOX, NIST, etc.
• Evaluate the security posture of third-party vendors and partners and ensure that appropriate security measures are in place to protect our data and systems.
• Review and approve all custom security and privacy related contractual terms.
• Manage Security Operations, Threat Intelligence, and Vulnerability Management Teams to include the Security Operations Center (SOC) operating 7x24x365
• Drive security analysis of new product and service releases.
• Develop effective Key Performance Indicators to continuously monitor the effectiveness of the Omnissa Information Security Program.
• Regularly brief Omnissa Executive Leadership and Board on key business risks and program maturity.

Required Qualifications:

• 15+ years of experience in SaaS/IT Operations and Information Security Leadership Roles.
• Previous experience as a CISO at a B2B, cloud-based SaaS company, approaching security with a DevOps mindset.
• You prefer security by enablement, automation, and guardrails over gates and roadblocks.
• Familiarity with securing and operating on public Cloud (AWS, Azure, GCP) providers.
• Comfortable working with highly technical engineering teams who have a strong sense of autonomy in their decision-making, be it technical or product focused.
• Possess domain knowledge of common information security, business continuity and privacy management frameworks, regulatory requirements, and applicable standards such as ISO 27001, SOC 2, HIPAA, GDPR, PCI, ISMAP IRAP, FedRAMP, DISA IL, CMMC, NIST, SOX, NIAP Common Criteria, BSI EAL4+, C5, ISMAP, IRAP, etc.
• Understanding the principles of product and application security to include common security vulnerabilities in software such as OWASP Top-10 and SANS Top-25.
• Excellent written and verbal communication skills.
• You can articulate complex cybersecurity concepts to both technical and non-technical audiences.
• You are adept in translating security problems to business impact.
• Experience with highly regulated industries such as healthcare, financial services, government, and publicly listed companies.
• Capable of leading and inspiring cross-functional, interdisciplinary teams to accomplish both tactical and strategic objectives, with a keen focus on achieving business outcomes.
• Exhibits a high level of personal integrity and professionalism, with the capacity to manage confidential matters with discretion and maturity.
• Demonstrated success in formulating information security strategy, policies, and procedures, along with a proven ability to implement programs that achieve excellence in a dynamic environment.

Preferred Qualifications:

• NA

Location: United States (Remote/Home Office) - Ideally in close proximity to a major airport

Omnissa industry recognition and awards:

• Gartner Magic Quadrant: Consistently positioned as a leader in Gartner’s Magic Quadrant for Desktop as a Service (DaaS) and Virtual Desktop Infrastructure (VDI).
• IDC MarketScape Q2 2024: Recognized as a leader in IDC MarketScape reports for EUC.
• Forrester Wave report for Q4 2023: Workspace ONE received the highest scores in the current offering category and the second-highest scores in the strategy category.
• Customer Satisfaction and Reviews: High ratings and positive reviews on platforms like Gartner Peer Insights and TrustRadius.

Omnissa’s commitment to diversity & inclusion:

Omnissa is committed to continuing their mission to build a diverse and inclusive workforce that reflects the communities we serve across the globe. Fostering inclusiveness is one of our key values, that acts as a bedrock of our operational model and culture. Omnissa is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: Omnissa is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Omnissa are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Omnissa will not tolerate discrimination or harassment based on any of these characteristics. Omnissa welcomes applicants of all ages. Omnissa will provide reasonable accommodations to applicants and employees who have protected disabilities consistent with local law.

Disclaimer for US-Based Roles: This job requisition is not eligible for employment-based immigration sponsorship by Omnissa.

Summary Information about the Role and Company Overview

Connecting People. Uniting the World. There’s never been a more exciting time to join United Airlines! As a global company that operates in hundreds of locations around the world — with millions of customers and tens of thousands of employees — we have a unique responsibility to uplift and provide opportunities in the places where we work, live and fly.

We’re on a path toward becoming the best airline in the history of aviation. Join our Cybersecurity and Digital Risk (CDR) team to help us also become the leading cyber-safe airline in the industry. United’s CDR team is tasked with keeping our customers’ and employees’ information safe and secure. Our primary mission is to embed cybersecurity into the DNA of United Airlines by reducing business risk through implementation of strong cybersecurity standard methodologies.

United offers a competitive benefits package aimed at keeping you happy, healthy and well-traveled. From employee-run "Business Resource Group" communities to world-class benefits like parental leave, 401k and privileges like space available travel, United is truly a one-of-a-kind place to work. Are you ready to travel the world and help us keep our airline cyber safe? Apply today!

United's Digital Technology team designs, develops, and maintains massively scaling technology solutions brought to life with innovative architectures, data analytics, and digital solutions.

Our Values: At United Airlines, we believe that inclusion propels innovation and is the foundation of all that we do. Our Shared Purpose: "Connecting people. Uniting the world." Drives us to be the best airline for our employees, customers, and everyone we serve, and we can only do that with a truly diverse and inclusive workforce. Our team spans the globe and is made up of diverse individuals all working together with innovative technology to build the best airline in the history of aviation.

With multiple employee-run "Business Resource Group" communities and world-class benefits like health insurance, parental leave, and space available travel, United is truly a one-of-a-kind place to work that will make you feel welcome and accepted. Come join our team and help us make a positive impact on the world.

• Contribute to and implement the Identity and Access Management (IAM) vision and roadmap
• Implement IAM program management, governance, and lead technical teams to ensure alignment with strategy and vision
• The aim is to determine accurate system access across multiple platforms
• Ensure IAM solutions are meeting security and business objectives and outcomes by establishing metrics that lead to actions for improvement
• Continuously improve and innovate our IAM capabilities to drive value, enhance our employee experience and secure our digital assets
• Support with the multi-factor authentication process to improve employee experience with various United systems

Required Qualifications

• Bachelor's degree required
• Cybersecurity, Risk Management, Computer Science
• 9+ years of experience in STEM field, including at least 5 years in Identity and Access Management technologies, processes, and capabilities and including at least 3 years of leadership experience leading and coaching teams/people to their highest potential
• Developed/implemented roadmaps Identity and Access Management (IAM) capabilities and led cross-functional execution to drive initiatives to completion
• Deep understanding of IAM technologies, controls, and standard methodologies (LDAP, directories, certificates, SAML/OAUTH, MFA, Adaptive Authentication, PKI, IGA, and MDM)
• Working knowledge of IAM principles in cloud first environment
• Understanding of PCI, SOX, HIPAA, EU-GDPR regulations and for IAM
• Know how to influence technology teams to deliver a streamlined employee identity experience
• Experience influencing teams and collaborators without direct authority over them
• Coached individuals & leaders at multiple levels able to demonstrate tangible results
• Achieved objectives by contributing information and recommendations to strategic plans, identifying trends and inspiring changes
• Built relationships with stakeholders across all levels and departments
• Excellent communication skills at all levels of organization
• Must be legally authorized to work in the United States for any employer without sponsorship
• Successful completion of interview required to meet job qualification
• Reliable, punctual attendance is an essential function of the position

Preferred Qualifications

• Master's degree

United Airlines is an equal opportunity employer. United Airlines recruits, employs, trains, compensates and promotes regardless of race, religion, color, national origin, gender identity, sexual orientation, physical ability, age, veteran status, and other protected status as required by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions. Please contact JobAccommodations@united.com to request accommodation.

The salary for this position is $126,225 to $185,130, dependent on job-related, non-discriminatory factors such as experience, education, and skills. This range is based on a full-time schedule.

Bonus eligible: yes

At United, we offer a competitive compensation package, with benefits including: medical, dental, vision, life, accident and disability, parental leave, employee assistance program, commuter, paid holidays, paid time off, 401(k) plan with employee and company contribution opportunities, and flight privileges.

Salary and benefits information is being included in this job posting in accordance with Colorado state law.