Chief Information Security Officer

📋 Description

• Take charge of the enterprise cybersecurity strategy and develop a multi-year roadmap in collaboration with the CTO.

• Act as the executive spokesperson on cybersecurity matters for the CEO, ELT, board, and Audit Committee, converting technical risks into business and financial terminology.

• Manage all SEC cybersecurity disclosure responsibilities (10-K Item 1C, Item 1.05 material incident evaluations, disclosure controls) and hold executive accountability for cybersecurity-related SOX controls.

• Direct the strategy for cybersecurity insurance, ensuring adequate coverage and managing renewals.

• Oversee executive communication during incidents and responses to material breaches, working in tandem with Legal and Investor Relations.

• Lead, mentor, and cultivate the existing cybersecurity team, including the Director of Cyber Operations.

• Establish the cybersecurity strategy encompassing IT, cloud, identity, and end-user computing, aligned with NIST CSF, ISO 27001, and SOC 2 standards.

• Manage the OT and ICS security program across six global manufacturing sites, integrating IT and OT without hindering operations.

• Provide executive oversight on cybersecurity for the connected-product platform (serving millions of users), ensuring secure-by-design standards, DevSecOps practices, and PCI-DSS compliance for payment products.

• Develop the AI cybersecurity strategy, including governance for AI tool adoption, implementation of AI-enabled security platforms, and responses to AI-driven threats.

• Oversee the third-party cybersecurity risk program and maintain executive relationships with key vendors, MSSPs, audit firms, and external cyber counsel.

⛳️ Requirements

• More than 12 years of progressive experience in cybersecurity, including over 5 years in a senior leadership position (CISO, Deputy CISO, VP of Security, or comparable role).

• Proven experience as the designated cybersecurity executive at a public company, or significant involvement with SEC cybersecurity disclosures, audit committee relations, and SOX cybersecurity controls.

• Demonstrated success in executive and board communications, managing material incident responses, and holding ownership of cybersecurity insurance strategies.

• In-depth knowledge of cloud security (AWS, Azure, GCP), application security, identity management, and contemporary detection and response techniques.

• A bachelor's degree in IT, Information Security, Computer Science, Engineering, or a related discipline.

• Senior-level certifications such as CISSP, CISM, or CISA.

🏝️ Benefits

• Competitive executive salary.

• Comprehensive benefits package.

• Flexibility with a remote-first work environment.

• Up to 30% travel, including international visits to manufacturing sites in Europe and Asia.