VP, Chief Information Security Officer (CISO)

Boston Scientific | Arden Hills, MN
$325,000 - $475,000 | Hybrid

About The Position

The Chief Information Security Officer (CISO) is responsible for defining and executing Boston Scientific’s enterprise-wide information security strategy, ensuring the protection of patient data, intellectual property, and global business operations. This role serves as an enterprise security leader and trusted advisor to the executive team, providing objective, risk-based guidance to protect the company while enabling business growth. The CISO drives the evolution of cybersecurity capabilities, resilience, and governance while embedding security into the company’s digital, cloud, and innovation agenda.

Requirements

  • Bachelor’s degree in Information Security, Computer Science, Engineering, or related field
  • 15+ years of progressive experience in information security and IT leadership
  • Proven experience leading enterprise cybersecurity strategy in a global, regulated environment (medtech, healthcare, pharma, or similar)
  • Demonstrated success building and leading global teams and operating in matrixed organizations
  • Deep expertise across cyber risk management, security architecture, operations, and regulatory frameworks
  • Strong executive communication and stakeholder influence skills

Nice To Haves

  • Advanced degree (MBA or Master’s in Cybersecurity or related field)
  • Industry certifications (e.g., CISSP, CISM, CRISC)
  • Experience supporting digital transformation, cloud adoption, and product security
  • Experience engaging with Board of Directors or Audit Committees

Responsibilities

  • Define and execute a global cybersecurity strategy and multi-year roadmap aligned to enterprise priorities and risk appetite
  • Lead a global security strategy that accounts for regional and country-specific requirements, ensuring enterprise standards are effectively adapted and managed across diverse regulatory, business, and operational environments
  • Serve as the primary advisor to the CIO, executive leadership, and Board on cybersecurity risks, posture, and investments
  • Define strategy for securing emerging technologies, including artificial intelligence, machine learning, and advanced analytics, ensuring safe and responsible adoption across the enterprise
  • Drive security as a business enabler, ensuring alignment with commercial, clinical, and innovation objectives
  • Lead and mature a high-performing global information security organization, including internal teams and external partners
  • Establish and scale a risk-based security operating model, aligned to industry frameworks (e.g., NIST, ISO 27001)
  • Partner with business and functional leaders to prioritize investments using risk, financial, and operational impact models
  • Oversee enterprise security governance, policies, standards, and controls
  • Ensure compliance with global regulatory requirements (e.g., FDA, HIPAA, GDPR, and other regional regulations)
  • Oversee design and operation of security architecture and controls, including network and endpoint security, identity and access management, cloud security (IaaS/PaaS/SaaS), and threat detection and response capabilities
  • Lead modernization of security tooling and platforms (e.g., SIEM, EDR, zero trust frameworks)
  • Ensure effective vulnerability management and remediation programs
  • Serve as executive lead for cybersecurity incidents and crisis response
  • Establish and oversee enterprise incident response, business continuity, and disaster recovery programs
  • Monitor and respond to evolving threats including advanced persistent threats (APTs), ransomware, phishing, and supply chain vulnerabilities
  • Drive continuous improvement through post-incident reviews and threat intelligence
  • Lead enterprise strategies to protect sensitive data (PHI/PII), clinical data, and intellectual property
  • Ensure strong data governance, classification, and protection controls
  • Partner with Legal and Compliance on privacy and data protection initiatives
  • Act as a trusted partner to global business units, embedding security into product development, digital, and commercial initiatives
  • Build strong cross-functional partnerships across IT, R&D, Quality, Regulatory, Legal, and Commercial teams
  • Communicate clearly with executive stakeholders and Board-level audiences
  • Foster a security-first culture across the enterprise
  • Build and develop diverse, high-performing teams and future leaders
  • Act as a change agent, driving continuous improvement and innovation in security practices
  • Establish measurable KPIs to track security maturity, effectiveness, and ROI
  • Ensure all activities align with Boston Scientific’s Quality Policy and Quality System requirements
  • Maintain a strong focus on patient safety, product integrity, and regulatory compliance
  • Provide leadership to ensure appropriate resources, training, and adherence to quality standards

Benefits

  • Core and optional employee benefits offered by Boston Scientific (BSC) – see www.bscbenefitsconnect.com