• Lead and coordinate the development of the Information Security posture improvement plan to include the identification of strategic goals and the path to achieve set objectives.
• Experience developing and maintaining stakeholder relationships across large organizations, identifying cybersecurity threats and building remediation activities.
• Strong background in a public company managing the SOX and IT Audit process to include gap remediation and long-term process improvements across in and out of scope systems/applications.
• Collaborate with staff, senior management, and business unit partners to assess and support organization risk mitigation needs, by developing strategies, tactics, and quality review solutions.
• Evaluate past InfoSec posture assessments and develop corrective action plans, drive roadmap integration, and regularly report on the status of approved recommendations.
• Become a partner to the business by measuring and evaluating the success of risk programs to determine their effectiveness, and to ensure the business units’ adherence to the information security risk framework requirements, internal policies, and best practices.
• Stays abreast of regulatory compliance standards, new and developing information security risk trends, and best practices. Understand how to assimilate these standards while minimizing impact to the business.
• Implement Disaster Recovery (DR) and Business Continuity Planning (BCP) improvements for failover and resiliency on critical business applications (i.e., ERP, others) and platforms.
• In partnership with the Chief Information Officer (CIO), manage partner/vendor (3rd party) contracts, negotiations, terms & conditions, license entitlement, and SLA adherence across executed agreements.

Minimum Qualifications

• Bachelor’s degree (technical or business field preferred); Master’s degree or MBA is a plus.
• Possesses current certification(s) in cybersecurity that demonstrate active awareness and knowledge surrounding of security frameworks and best practices (i.e., CISSP, CISM, CISA).
• 15+ plus years of progressively increasing responsibility in Information Security; 8+ years of leadership experience, preferably in a public company environment and multi-location enterprise organizations.
• Ability to communicate effectively with both technical and non-technical stakeholders across multiple business units.
• Experience maturing a Security Operations function (AV/Malware, SIEM, DLP, patch management) to achieve consistent SLA performance.
• Background with log collection and analysis as part of an investigation process.
• Experience building an InfoSec dashboard and SLA based metrics environment that identifies gaps, improvements, and operational performance across key Security posture pillars and functional areas.
• Recent Incident response/Crisis response implementation experience, and proven implementation of these processes across multiple business units.
• Strong background in risk evaluation and risk management.
• Experience in managing the security lifecycle across an enterprise organization.
• Demonstrated knowledge of data security and compliance controls.
• Ability to articulate a vision and roadmap that connects with the corporate strategy, assimilates with cross-functional IT groups, and inspires individuals at all levels of the organization.
• Excellent verbal and written communication skills; Experience communicating Security metrics and dashboards at the executive and Business Unit leader level; Board exposure a plus.
• Ability to travel up to 20%

Preferred Qualifications

• Master’s degree or MBA.
• Board exposure.

Business needs dictate that this position requires the presence and ability to work on-site 100%. Therefore, telecommuting or virtual/remote options will not be available.