Vice President & Chief Information Security Officer (CISO)

About The Position

Requirements

• 10+ years of progressive experience in Information Security leadership roles.
• Minimum 3 years as a CISO or a deputy/second-in-command security leader in a larger enterprise.
• Deep expertise in security operations, architecture, governance, risk, compliance, and incident response.
• Strong working knowledge of NIST CSF, ISO 27001, CIS Controls, and modern cybersecurity technologies.
• Experience in global environments and working with distributed teams.
• Demonstrated ability to present complex cybersecurity topics to Audit Committees and senior executives.
• Experience managing multimillion-dollar security budgets.
• Strong understanding of GDPR, CCPA, and global privacy regulations.
• Executive presence and strong communication skills.
• Business-oriented mindset with the ability to translate technical issues into business risk.
• Proven ability to drive process discipline, build governance, and mature a security program.
• Collaborative leadership style with strong partnership skills across IT, Legal, and business units.

Nice To Haves

• Experience in industrial manufacturing or OT/ICS security environments.
• Certifications such as CISSP, CISM, CISA, CCSP, or similar.
• Familiarity with ERP environments, cloud security (Azure/AWS), and M&A cybersecurity integration.
• Experience working with India-based operations or offshore security teams.

Responsibilities

• Strategic Leadership & Governance: Develop and execute the global information security strategy aligned to business objectives and risk appetite. Provide quarterly cybersecurity updates to the Audit Committee and Executive Management Team. Establish security governance, policies, and standards consistent with leading frameworks (NIST CSF, ISO 27001, CIS). Oversee enterprise risk assessments and maintain a risk-based roadmap for continuous improvement.
• Security Operations & Technical Controls: Lead the design, implementation, and management of all security technologies and controls including endpoint protection, identity & access management, SIEM/SOC operations, cloud security, vulnerability management, and network security. Ensure proactive monitoring, rapid detection, and response to security incidents across global operations. Oversee business continuity and disaster recovery security components in partnership with Infrastructure and Applications teams.
• Security Architecture & New Technology Reviews: Embed security-by-design into IT and business projects, including cloud, ERP, operational technology (OT), and Industry 4.0 initiatives. Conduct architectural reviews and threat modeling for new technologies and digital transformation efforts.
• Compliance, Privacy & Legal Collaboration: Partner closely with Legal to ensure compliance with global data privacy laws, including GDPR, CCPA, and emerging regulations. Oversee data protection practices, records retention security considerations, and reporting obligations related to data privacy incidents.
• Third-Party & Customer Security: Lead the global third-party risk management program, including supplier assessments and ongoing monitoring. Respond to and manage customer security inquiries, audits, and contractual security requirements. Drive vendor governance for security tools, MSSP partnerships, and other outsourced services.
• Team Leadership & Budget Management: Lead a global Information Security team of 12 across the U.S., Germany, and India. Manage a $3M annual operating budget, ensuring cost-effective investments in technology, services, and capabilities. Mentor, develop, and scale the team to support global manufacturing operations and business growth.