Chief Information Security Officer

About The Position

Requirements

• Seasoned cybersecurity and risk executive with deep business acumen and a demonstrated track record of leading enterprise‑scale security, resilience, and risk management programs.
• Proven success establishing and executing an enterprise information security strategy aligned with business objectives and risk appetite.
• Demonstrated ability to translate complex cyber and technology risks into clear, actionable insights for executive leadership and the Board of Directors.
• Experience leading enterprise cybersecurity programs within large, complex, and highly regulated organizations.
• Experience overseeing enterprise security operations, including vulnerability management, monitoring, incident response, and crisis management.
• Advanced understanding of current and emerging cyber threats and vulnerabilities, with the ability to adapt security capabilities proactively.
• Experience leading enterprise response efforts during significant cybersecurity incidents or operational disruptions.
• Ability to frame cyber risk in financial and business impact terms to inform investment, insurance, and risk tradeoff decisions.
• Demonstrated expertise in information security governance, regulatory compliance, data privacy, and enterprise control frameworks.
• Experience leading internal and external IT audits and managing remediation efforts.
• Proven ability to partner effectively with regulators and external oversight bodies.
• Broad technology experience spanning applications, infrastructure, cloud computing, and virtualized environments.
• Experience managing vendor and third‑party risk, including managed security services and contract negotiations.
• Strong understanding of how technology solutions protect enterprise data, systems, and networks at scale.
• Experience protecting highly sensitive policyholder, financial, and health‑related information in regulated environments.
• 15+ years of progressive experience across cybersecurity, technology, and risk disciplines, including 10+ years in senior leadership roles with accountability for enterprise‑wide outcomes.
• Proven ability to build, lead, and develop high‑performing security teams with measurable impact.
• Experience leading through complexity and change with strong judgment, learning agility, and a human‑centered leadership approach.
• Applies disciplined judgment to balance risk, speed, and opportunity in decision making.
• Establishes clear direction, priorities, and measurable outcomes aligned to enterprise strategy.
• Demonstrates unwavering integrity and discretion when handling sensitive and confidential information.
• Adapts quickly to changing conditions and leads effectively through ambiguity.
• Communicates with clarity, transparency, and confidence across all levels of the organization.
• Effectively conveys complex and sensitive risk topics to executives, regulators, and the Board.
• Models an inclusive, values‑based leadership approach that reinforces trust and credibility.
• Navigates complex organizational dynamics with emotional intelligence and sound judgment.
• Influences outcomes through trust, insight, and constructively challenging perspectives.
• Maintains a tough‑minded yet collaborative approach in high‑stakes discussions.
• Empowers and develops diverse talent, with a strong commitment to succession and capability building.
• Provides timely, candid, and constructive feedback that drives performance and growth.
• Remains calm, decisive, and steady under pressure, particularly during crisis situations.

Responsibilities

• Establish and execute an enterprise information security strategy and operating model aligned with business objectives and risk appetite.
• Continuously assess and strengthen Genworth’s cyber and technology risk posture in support of enterprise resilience and growth.
• Define short‑ and long‑term cybersecurity goals, success measures, and investment priorities aligned to business strategy.
• Define and operationalize a shared accountability model for cybersecurity risk, ensuring clear decision rights across the CISO, CIO, and technology/service owners.
• Ensure security is embedded early in technology strategy, roadmaps, and delivery, with integrated planning across engineering, infrastructure, and application teams.
• Drive consistency and scale in control execution, reducing late-stage rework, fragmentation, and reliance on exception-based decisioning.
• Own enterprise information security governance, policies, standards, and controls.
• Lead regulatory engagement related to cybersecurity and represent the enterprise in examinations and audits.
• Oversee internal and external IT compliance efforts and remediation activities.
• Serve as a strategic advisor to executive leadership and the Board of Directors on cyber risk, threat trends, and program effectiveness.
• Own Board‑level cybersecurity governance, including regular reporting on cyber risk posture, material threats, incidents, and progress against enterprise risk tolerance.
• Communicate cyber risk in a decision-ready format, clearly articulating recommendations, tradeoffs, risk levels, and required actions, enabling timely and informed leadership decisions.
• Provide executive oversight of security operations, vulnerability management, incident response, and crisis management.
• Lead enterprise response efforts during cybersecurity incidents, ensuring decisiveness, transparency, and cross‑functional coordination.
• Stay ahead of emerging threats, technologies, and industry trends to proactively adapt security capabilities.
• Lead, develop, and inspire a high‑performing information security organization.
• Champion a culture of security awareness, accountability, ethical behavior, and continuous improvement across the enterprise.
• Build trust‑based relationships with internal and external stakeholders to influence outcomes in complex and high‑stakes environments.

Benefits

• Competitive Compensation & Total Rewards Incentives
• Comprehensive Healthcare Coverage
• Multiple 401(k) Savings Plan Options
• Auto Enrollment in Employer-Directed Retirement Account Feature (100% employer-funded!)
• Generous Paid Time Off – Including 12 Paid Holidays, Volunteer Time Off and Paid Family Leave
• Disability, Life, and Long Term Care Insurance
• Tuition Reimbursement, Student Loan Repayment and Training & Certification Support
• Wellness support including gym membership reimbursement and Employee Assistance Program resources (work/life support, financial & legal management)
• Caregiver and Mental Health Support Services