Deputy CISO

About The Position

Requirements

• Proven leadership experience driving enterprise-wide cybersecurity strategy, transformation, and program maturity in complex, global environments.
• Experience in manufacturing and/or commodities is preferred.
• Demonstrated ability to align security initiatives with business objectives, risk appetite, and regulatory expectations, translating strategy into measurable outcomes
• Track record of building and leading high-performing, globally distributed teams, with a strong focus on talent development and organizational scalability
• Expertise in cyber risk management, governance frameworks (NIST, ISO, CIS), and enterprise security operations, including incident response oversight
• Ability to communicate effectively with technical and non-technical stakeholders.
• Experience advising and influencing C-suite and board-level stakeholders on security posture, risk tradeoffs, and investment priorities
• Strong business and financial acumen, including budget ownership, vendor strategy, and ROI-based decision making

Nice To Haves

• advanced degree and/or certifications ( CISSP, CISM, CRISC ) preferred

Responsibilities

• Partner with the CISO to further define and execute the enterprise cybersecurity strategy and roadmap
• Lead the day-to-day operations of the cybersecurity program, ensuring alignment with business priorities and risk tolerance
• Serve as acting CISO as necessary, providing leadership continuity and executive-level decision support
• Drive key initiatives including Zero Trust, identity security, vulnerability management, and enterprise risk programs
• Build, mentor and manage a high-performing, globally distributed cybersecurity team
• Support and actively contribute to operational functions (incident response, vulnerability management, security architecture, and monitoring)
• Strengthen governance by advancing policies, standards, and controls aligned to NIST, ISO, and CIS frameworks
• Partner with IT and engineering to embed secure architecture, cloud security, and DevSecOps practices
• Influence and collaborate with senior stakeholders across IT, legal, compliance, and business units
• Communicate cybersecurity posture, risks, and KPIs/KRIs to leadership and maintain coordination with Alcoa stakeholders to drive informed decision-making

Benefits

• Competitive compensation packages, including pay-for-performance variable pay, recognition and rewards programs.
• 401(k), employer match up to 6%, additional employer retirement income contribution (no vesting period)
• Healthcare benefits: medical, Rx, dental, vision, flexible spending account, health savings account (generous employer contribution), life and accident insurance
• Work-life balance programs: flexible work scheduling, hybrid/remote working
• Paid time off: 15 vacation days prorated in the 1st year based on hire date, 12 paid holidays, 7 illness days, Care for Family leave up to 40 days, up to 5 bereavement days, maximum of 30 jury duty days, and up to 10 days annual training for military leave