Senior Director, Chief Information Security Officer (CISO)Racine, Wisconsin Job ID 10537 Apply
The Senior Director, Chief Information Security Officer (CISO) role is accountable for Global Information Security at SC Johnson while providing Strategic and Operational directions – including but not limited to Vulnerability and Threat Management, Cybersecurity, eDiscovery, Security Awareness, Risk assessment and posture and Identity and Access Management, as well as insight and thought leadership for all other activities associated with Information Security.
Strong CISO leadership track record and accountability within in a large complex global enterprise is mandatory.
Essential Duties and Responsibilities:
- Leads, directs, and has accountability for the performance and development of subordinate staff in Information Risk Management, Architecture, Security Operations, Vulnerability and Threat Management, Cybersecurity and Identity and Access Management in accordance with corporate strategic direction. May include matrix reporting relationships.
- Partner with Global Information Security Governance body in developing a multi-year Information Security plan for information security projects and objectives, and plan (including key action items, target goals and success metrics) to support enterprise-level Information Security policies and risk appetite.
- Establishes and directs the design, development, testing and implementation of appropriate Information Security strategies, plans, products, and other access control techniques based on enterprise Information Security risk model. Also identifies emerging vulnerabilities, evaluates associated risks and threats, and provides countermeasures where necessary.
- Directs the staff in the evaluation of risks and threats, development, implementation, communication, operation, monitoring and maintenance of the information security technologies which promote a secure and uninterrupted operation of all IT systems.
- Manages the reporting, investigation, and resolution of external Cybersecurity incidents. Works with and consults with senior business leaders such as the Global Information Security Governance body within the Office of General Counsel on potential data breaches
- Manages the staff overseeing all aspects of Identity and Access Management. Ensures that appropriate access is provided to employees, contractors, and other parties in a timely fashion meeting strict security standard in accordance with the principles of Segregation of Duties and Least Privilege. Works closely with Human Resources and Enterprise Procurement to ensure IT aspects of new employee and contractor on-boarding are appropriately completed.
- Responsible for the development and implementation of security standards, procedures and guidelines per Information Security policies to prevent the unauthorized use, release, modification, or destruction of data across multiple platforms and environments (e.g., company-wide, distributed, client server systems, and e-applications).
- Responsible for ensuring appropriate governance over Managed Service Providers per Information Security policies managing and maintaining information security technologies.
- Maintains contact with industry security groups, and an awareness of current vulnerabilities, threats, and risks to data privacy and information security.
- May perform additional duties associated with Cyber Security as assigned.
Required Skills / Experience / Competencies:
- Bachelor's degree in Computer Science, or related discipline is required. Master’s degree is preferred.
- 10+ years of experience in information security.
- 5+ years of supervisory/management experience (CISO level is mandatory) including preparing and managing a significant operating budget.
Preferred Skills / Experience / Competencies:
- Applicable Certifications in Information Security field
- Thorough understanding of Cyber Security technologies and offerings in the market place, as well as the processes associated with running a cyber security operation.
- Senior level understanding of all aspects of information security, including: security and risk management frameworks, vulnerability and threat management, security operations, security organization, architecture, access control, and security incident management.
- Excellent ability to influence change in corporate understanding and adoption of information security concepts.
- Excellent analytical and problem-solving skills.
- Excellent communications and interpersonal skills and the ability to work effectively with peers; senior executives in both IT and across business units; and internal/external business partners/clients. Ability to effectively explain complex security-related concepts and issues to non-technical and business audiences.
- Strong understanding of crisis management skills.
- Experience working as a CISO within a global organization.
- Ability to effectively communicate with all levels of employees within scope of responsibility.
- Ability to manage complex projects to completion.
- Proven ability to lead and motivate others in accomplishing goals.
- Ability to exercise professional judgment and assume responsibility for decisions which have an impact on people, quality of service, and costs.
- Advanced computer skills including Microsoft Office suite and other business-related software systems.
SC Johnson & Son, Inc. is an equal employment opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, status as a qualified individual with a disability, marital status, pregnancy, sexual orientation, ancestry, genetic information, or any other characteristic protected by law.