Recreational Equipment - posted 9 months ago
$285,000 - $350,000/Yr
Full-time • Executive
Seattle, WA
Clothing, Clothing Accessories, Shoe, and Jewelry Retailers

The Chief Information Security Officer (CISO) will lead REI's information security and privacy team and partner across the co-op to identify and manage risk in our technology, data and business practices. This leader will enable the co-op to excel as a digital forward retailer as REI continues to grow its member community. As the expert advisor for choices the co-op makes to reduce risk, this individual leads security architecture and engineering, vulnerability management, security portfolio and program management, security operations center, compliance, risk assessment and management, and identity and rights management. The CISO is the champion and advocate for IT security, raising awareness and understanding across technology and the organization, working closely with REI's enterprise risk management and asset protection teams. The CISO contributes to REI's success by developing, recommending and leading planning, strategies, and implementation of REI's IT security program to ensure that the IT environment (applications, infrastructure, SaaS, Cloud Services, on-premise datacenters…) is secure and protected from intentional or inadvertent alteration, disclosure or destruction. The CISO leads, coordinates, and collaborates with other IT leaders and staff to implement tools and processes throughout the security development lifecycle for intrusion detection and protection. This leader actively keeps abreast of new technology and IT service delivery methods to ensure REI is up to date with current IT security practices. Reporting to the Chief Technology Officer, this person will lead a team of ~25 information security professionals.

  • Develop and implement a comprehensive information security strategy aligned with the co-op business goals.
  • Collaborate with IT and business leaders to integrate security measures into all aspects of the organization.
  • Direct the development, recommendations and championing of IT policy, strategy, standards and procedures for information and system security.
  • Oversee the IT Disaster Recovery and Business Continuity program.
  • Lead architecture and engineering, vulnerability management, security operations, compliance, and risk management.
  • Direct the Identity and Access Management organization.
  • Accountable for identifying and assessing IT security-related issues.
  • Oversee IT security architecture including roadmaps, assessments, principles, standards and security development lifecycle.
  • Set, monitor, and enforce security elements within application, infrastructure and data architectures.
  • Oversee the Security Operations Center and ensure effective intrusion detection, incident response and threat management.
  • Oversee vulnerability management including scanning, testing, remediation, and reporting.
  • Accountable for consistent compliance with all applicable regulations, standards and controls.
  • Conduct regular security assessments and audits to identify risks.
  • Lead and champion efforts to educate the organization on security threats.
  • Report to leadership on information security effectiveness.
  • Actively participate in Technology strategic planning.
  • Report to Executive Leadership and Board of Directors on the effectiveness of the security program.
  • Develop budgets and forecasts for security needs.
  • Lead and mentor a team of security professionals.
  • Perform supervision including hiring, firing, conducting performance reviews.
  • Ensure the team is properly skilled and staffed.
  • Perform vendor management and play a lead role on vendor selection.
  • Provide accurate, timely and relevant information about the status of information security projects.
  • Bachelor's degree in Information Security, Computer Science, or a related field; advanced degree strongly preferred.
  • Minimum of 15 years of information security leadership experience, with at least 5 years in a senior leadership role.
  • Proven experience developing and implementing security strategies in a retail environment.
  • Strong knowledge of security frameworks, standards, and regulations (e.g., PCI, NIST).
  • Relevant certifications (e.g., CISSP, CISM, CISA) are highly desirable.
  • Excellent communication and interpersonal skills.
  • Experience attracting, developing and challenging world-class security engineering and operations talent.
  • Deep information security and privacy experience for digital forward customer centric organizations.
  • Elevated risk assessment and management experience in large scale digital organizations.
  • Experienced change agent to drive innovation and transformational change within organizations.
  • Experience developing, planning and implementing the company's technology strategy.
  • Possesses a thoughtful point of view on industry trends impacting commerce, customer and employee experience.
  • Competitive salary range of $285,000 - $350,000.