Director, CISO Strategy & Transformation Office

About The Position

Requirements

• 8+ years of progressive experience in cybersecurity, technology risk, or IT program leadership, with a focus on strategy, portfolio management, or program operations preferred
• Strong expertise in cybersecurity and infrastructure strategy development, portfolio management, financial governance, and vendor management
• Experience managing complex, cross-functional initiatives and aligning cybersecurity programs with enterprise objectives
• Deep understanding of cybersecurity frameworks (e.g., NIST CSF, ISO 27001), risk management principles, and regulatory requirements
• Demonstrated ability to establish governance structures, performance metrics, and reporting frameworks to support executive decision-making
• Strong leadership, communication, and stakeholder management skills, including experience working with executive leadership
• Experience supporting cybersecurity activities across mergers and acquisitions, including due diligence and integration
• Experience in highly regulated industries (e.g., aviation, financial services, healthcare, or government)
• Provides leadership to managers and experienced professional staff; may also manage front line supervisors
• Manages an organizational budget
• Develops and implements policies and procedures to achieve organizational goals
• Assists in the development of functional strategy
• Decisions have an extended impact on work processes, outcomes, and customers
• Interacts with internal and/or external leaders, including senior management
• Persuades others into agreement in sensitive situations while maintaining positive relationships

Nice To Haves

• Advanced degree (MBA, MS in Cybersecurity, Information Systems, or related field) preferred
• Professional certifications such as CISSP, CISM, CRISC, or PMP
• Experience with Agile methodologies and enterprise portfolio management tools

Responsibilities

• Support the development and socialization of the cybersecurity & infrastructure strategy and multi-year roadmap aligned with enterprise goals, risk priorities, and evolving threat landscapes
• Collaborate with the CISO to define program objectives, success metrics, and performance expectations, ensuring alignment with broader technology and business strategies
• Serve as an advisor to cybersecurity, infrastructure, and business leadership, enabling informed decision-making through structured planning, reporting, and analysis
• Establish governance mechanisms to create consistency, transparency, and accountability across cybersecurity initiatives and program activities
• Lead the management of the CISO program portfolio, including prioritization, planning, execution, and tracking of initiatives and projects
• Maintain standardized processes for project intake, scoping, resource allocation, and delivery across Global Cybersecurity and Infrastructure Services teams
• Provide centralized visibility into project status, risks, dependencies, and outcomes to support effective execution and leadership reporting
• Ensure alignment between cybersecurity & infrastructure initiatives, product roadmaps, and enterprise transformation efforts
• Drive adoption of scalable delivery practices to enhance execution efficiency and responsiveness to changing CISO program priorities
• Monitor and report on CISO program performance using key performance indicators (KPIs) and key risk indicators (KRIs)
• Provide ongoing insight into program health, operational performance, emerging risks, and strategic progress to support executive decision-making
• Standardize reporting frameworks to enable consistency across CISO program functions, including executive, business unit, and operational reporting
• Leverage data and analytics to inform prioritization, funding decisions, and continuous improvement efforts
• Oversee CISO program financial planning, including budgeting, forecasting, and resource alignment to strategic priorities
• Evaluate program spend, financial performance, and demand planning to ensure efficient and scalable use of resources
• Track and manage the CISO vendor portfolio, including vendor inventory, performance, and contract lifecycle management
• Lead and support RFP processes, vendor selection, and contract negotiations in partnership with procurement and business stakeholders
• Establish governance and guidelines for vendor engagement to ensure alignment with cybersecurity and infrastructure requirements and organizational objectives
• Maintain a standardized cybersecurity and infrastructure playbook to support activities across the M&A lifecycle, including due diligence, integration planning, and execution
• Oversee objectives, scope, roles, and processes to ensure risk-aligned CISO program engagement during acquisitions and divestitures
• Lead integration planning efforts to align cybersecurity and infrastructure priorities with deal objectives, ensuring seamless integration of people, processes, and technologies
• Serve as the central coordination point between acquired entities and enterprise CISO program teams to ensure alignment, communication, and execution
• Provide guidance and oversight to ensure security and infrastructure risks are identified, assessed, and mitigated throughout the M&A lifecycle
• Coordinate CISO program engagement requests across stakeholders, including business units, technology teams, auditors, and external partners
• Facilitate collaboration between cybersecurity, IT, product, legal, finance, and business teams to embed security into strategic initiatives and operational processes
• Ensure effective communication and alignment across internal and external stakeholders to support program execution and integration efforts
• Promote a culture of accountability, transparency, and continuous improvement across cybersecurity and infrastructure operations
• Build and lead a high-performing team with capabilities across strategy, portfolio management, financial governance, and program operations
• Develop team capabilities through coaching, structured career development, and role-based training aligned to evolving cybersecurity & infrastructure needs
• Drive continuous improvement initiatives to enhance program maturity, operational efficiency, and strategic impact
• Foster a data-driven and risk-based culture that supports innovation, scalability, and long-term program sustainability

Benefits

• Medical, dental and vision coverage
• Paid time off plan
• Health savings account (HSA)
• 401k savings plan
• Access to wages before pay day with myFlexPay
• Flexible spending accounts (FSAs)
• Short- and long-term disability coverage
• Work-Life resources
• Paid parental leave
• Healthy lifestyle programs