Information security senior risk officer

The Chief Information Security Officer (CISO) is a strategic executive responsible for the vision, leadership, and execution of the company's global information security program. This role will safeguard all digital and physical information assets, manage cyber risk across the entire enterprise, and ensure resilience against an evolving threat landscape. The CISO will serve as the primary authority on cybersecurity, advising the C-suite and Board of Directors, and fostering a culture of security awareness throughout the organization. Develop and continuously refine a global, business-aligned cybersecurity strategy and roadmap. Establish and chair a cross-functional Cybersecurity Governance Committee. Define and enforce information security policies, standards, and guidelines across all business units and regions. Present regular reports on the state of cybersecurity, threat landscape, and program effectiveness to the CEO, executive team, and Board of Directors. Risk Management & Compliance: Own the enterprise-wide cyber risk management framework, including identification, assessment, mitigation, and reporting of cyber risks. Ensure compliance with global data protection and privacy regulations (e.g., Manage cybersecurity audits and serve as the primary liaison with regulators and auditors on all security-related matters. Serve as the ultimate commander during major cybersecurity incidents, leading the cross-functional incident response team. Third-Party & Supply Chain Risk: Develop and manage a comprehensive third-party risk management program to assess and monitor the security posture of vendors and partners. Design and deliver ongoing, role-specific security awareness and training programs to reduce human risk. Build, mentor, and lead a high-performing global cybersecurity team. Develop and manage the annual global cybersecurity budget, ensuring efficient allocation of resources. Qualifications & Experience 15+ years of progressive experience in information security, with at least 8+ years in a senior leadership role (e.g., CISO, Deputy CISO, Head of Security) overseeing a global program. Proven track record of developing and executing a multi-year cybersecurity strategy in a complex, multinational corporation. Deep, hands-on technical knowledge of security technologies, cloud security (AWS, Azure, GCP), network architecture, and Zero Trust principles. Extensive experience in incident response and crisis management, with a proven ability to lead under pressure. Expert knowledge of global regulatory frameworks and compliance requirements (GDPR, NIST, ISO 27001). Demonstrated experience in presenting to and advising a Board of Directors on cyber risk. Excellent communication, interpersonal, and influencing skills, with the ability to articulate cyber risk in business terms to non-technical stakeholders. Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field. Master’s degree in Business Administration (MBA) or a related technical field. Recognized security certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CISA (Certified Information Systems Auditor). Experience in the (Your Industry, e.g., Financial Services, Technology, Healthcare) sector. Experience managing security through a significant digital transformation or cloud migration. Strategic Visionary: Able to see the big picture and translate threats into business risks and opportunities. Builds strong, trusted relationships with executives, technical teams, and business units.