Chief Information Security Officer

This is a fully remote position, open to applicants in United States.

📋 Description

• Take charge of the enterprise cybersecurity strategy and develop a multi-year roadmap in collaboration with the CTO.

• Act as the executive spokesperson on cybersecurity matters to the CEO, ELT, board, and Audit Committee, converting technical risks into business and financial language.

• Oversee all SEC cybersecurity disclosure responsibilities (10-K Item 1C, Item 1.05 material incident determinations, disclosure controls) along with executive accountability for cybersecurity-related SOX controls.

• Direct the cybersecurity insurance strategy, ensuring coverage is adequate and managing renewals.

• Lead the communication strategy for executive incidents and coordinate material breach responses with Legal and Investor Relations.

• Guide, mentor, and develop the current cybersecurity team, including the Director of Cyber Operations.

• Establish the cybersecurity strategy for IT, cloud, identity, and end-user computing, aligned with NIST CSF, ISO 27001, and SOC 2 standards.

• Manage the OT and ICS security program across six global manufacturing locations, ensuring a seamless integration of IT and OT without disrupting operations.

• Provide executive oversight for the connected-product platform (millions of users), ensuring secure-by-design principles, DevSecOps practices, and PCI-DSS compliance for payment products.

• Lead the AI cybersecurity strategy, focusing on governance for AI tool adoption, deployment of AI-driven security platforms, and responding to AI-enabled threats.

• Oversee the third-party cybersecurity risk program and maintain executive relationships with key vendors, MSSPs, audit firms, and external cyber legal counsel.

⛳️ Requirements

• 12+ years of advancing cybersecurity experience, with at least 5+ years in a senior leadership capacity (CISO, Deputy CISO, VP of Security, or similar).

• Proven experience as the designated cybersecurity executive at a public organization, or significant exposure to SEC cybersecurity disclosures, audit committee interactions, and SOX cybersecurity controls.

• Demonstrated success in executive and board-level communication, managing material incident responses, and owning cybersecurity insurance strategies.

• Comprehensive working knowledge of cloud security (AWS, Azure, GCP), application security, identity management, and contemporary detection and response methodologies.

• Bachelor's degree in IT, Information Security, Computer Science, Engineering, or a related discipline.

• Senior-level certification such as CISSP, CISM, or CISA.

🏝️ Benefits

• Competitive executive compensation package.

• Comprehensive benefits offerings.

• Flexibility to work remotely.

• Up to 30% travel, including international trips to manufacturing sites in Europe and Asia.