CISO

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field required; Master’s degree preferred.
• 10+ years of progressive experience in cybersecurity or information security, with at least 3–5 years in a leadership or strategic planning role.
• Demonstrated experience leading enterprise-wide security programs and aligning cybersecurity initiatives with business goals.
• Proven ability to oversee diverse security functions such as governance, risk, compliance, security engineering, and security operations.
• Experience operating in a shared services or matrixed organizational model is strongly preferred.
• Must be able to assess and respond to dynamic and complex cybersecurity risks in real time.
• Capable of balancing tactical incident response needs with long-term strategic risk mitigation planning.
• Expected to interpret and apply regulatory and legal requirements to a variety of business and technology environments.
• Responsible for solving cross-functional challenges involving security, compliance, operations, and IT architecture.
• Must make high-impact decisions with limited information during critical incidents or evolving threat situations.
• Ability to design scalable, risk-informed solutions that support both enterprise and business-unit objectives.
• Must effectively communicate with executive leadership, technical teams, business stakeholders, regulators, and third parties.
• Ability to translate complex cybersecurity concepts into plain language for non-technical audiences.
• Skilled in presenting risk, performance, and program updates to senior executives, boards, and oversight committees.
• Capable of influencing and building consensus across multiple departments and organizational levels.
• Expected to lead cybersecurity awareness campaigns and foster open dialogue on security issues across the enterprise.
• Domestic and International travel required up to 50%.
• Must stay current with industry trends, threat intelligence, and emerging technologies.
• Demonstrated leadership, integrity, and discretion in handling sensitive or confidential information.
• Comfortable working in a fast-paced, highly visible role with enterprise-wide influence.
• 7x24x365 as required.
• Maintain a strong relationship with Federal, State, and International law enforcement
• All candidates must have valid authorization to work in the U.S.

Nice To Haves

• Master’s degree preferred.
• Relevant industry certifications (e.g., Certified Information Systems Security Professional [CISSP], Certified Information Security Manager [CISM], Certified in Risk and Information Systems Control [CRISC]) are preferred.

Responsibilities

• Lead the creation and evolution of the long-term cybersecurity vision and strategic roadmap.
• Align cybersecurity investments and priorities with enterprise risk appetite, regulatory demands, and business strategy.
• Serve as a key advisor to the CIO and other senior executives on cyber risk, emerging threats, and security-related business impacts.
• Translate technical security requirements into actionable business-focused plans.
• Monitor industry trends, threat intelligence, and emerging technologies to inform strategic direction.
• Drive the development and enforcement of enterprise-wide cybersecurity policies, standards, and frameworks.
• Ensure compliance with relevant legal and regulatory frameworks
• Lead enterprise cybersecurity risk assessments and guide business units in risk treatment planning.
• Engage with internal audit, legal, and compliance teams to manage regulatory obligations and audit readiness.
• Promote accountability and transparency through structured governance and reporting mechanisms.
• Act as the cybersecurity leader within a shared services model, supporting multiple business units with diverse needs.
• Build strong relationships with IT, operations, legal, compliance, and business leaders to embed security in enterprise projects and operational practices.
• Ensure scalable, flexible security services that address both enterprise and business-specific priorities.
• Represent cybersecurity in enterprise governance committees and project steering groups.
• Provide leadership and strategic oversight for security engineering, infrastructure protection, and operations.
• Ensure the Security Operations Center (SOC) functions effectively with clear escalation paths and continuous improvement.
• Support adoption of secure architecture and development practices, including cloud and hybrid environments.
• Guide technology selection and integration efforts aligned to strategic objectives.
• Drive the automation of processes to reduce mean time to containment
• Promote a culture of cybersecurity awareness and accountability at all levels of the organization.
• Lead efforts to improve employee understanding of cyber risk through education and training.
• Communicate complex security topics in business-relevant terms to executives and staff.
• Champion security as a business enabler and advocate for risk-informed decision-making.
• Ability to motivate a team while fostering engagement and empowerment

Benefits

• Offering medical, dental, vision, prescription plans, plus Health Savings Account and Flexible Spending Account options.
• Life, accident, critical illness, disability, legal, identity theft, and pet insurance.
• 401(k) plan with company matching contributions and immediate vesting.
• Vacation, holidays, personal days, sick leave, volunteer, and parental & caregiver leave.
• Tuition reimbursement for job-related courses after six months of service.
• Lifestyle Spending Account, EAP, virtual health management, chronic condition, neurodiversity, tobacco cessation, substance abuse support, and life stage and fertility resources.
• High5 employee recognition and awards platform, quarterly and annual employee recognition
• Opportunity for an annual performance-based bonus.