Listing Description

We are looking for a Chief Information Security Officer (CISO), responsible for coordination, execution and reporting on a company-wide, global information security program. This role requires a experienced and business-savvy leader with a high level expertise of information security and its application to a global business. The successful candidate is comfortable interacting with the senior management and help lead the security program as a business enabler.

What you’ll do

In this role you’ll lead the development and execution of RSI’s information security strategy and program, advise senior management on cyber security risks. Your duties will include:

Responsibilities

• 
  

  Help drive the culture of informed risk taking

  
  


• 
  

  Drive security collaboration with legal and compliance teams 

  
  


• 
  

  Build strong working relationships with product, engineering, and operations leaders to deliver on security initiatives and controls

  
  


• 
  

  Build security governance across the business

  
  


• 
  

  Drive security decision making groups, and collaboratively develop security and technology roadmaps

  
  


• 
  

  Help integrate information security into business processes

  
  

Activities

• 
  

  Help develop and present recommendations based on active balancing of threats, vulnerabilities, risk and business needs and long-term goals

  
  


• 
  

  Define and facilitate the information security risk assessment process

  
  


• 
  

  Information security risk reporting tailored to the relevant audience

  
  


• 
  

  Oversight of security risk treatment efforts to address negative findings

  
  


• 
  

  Provide regular reporting on the current status of the information security program to the senior management as part of a strategic corporate risk management program

  
  


• 
  

  Build security risk awareness amongst the Board and executive management

  
  


• 
  

  Engage in and support 3rd party vendor risk management process

  
  


• 
  

  Execution of corporate Security Awareness program

  
  


• 
  

  Coordinate with local, state, federal, and international government agencies as required

  
  


• 
  

  Perform duties as necessary and/or assigned

  
  

All About You: 

• 
  

  Minimum of 8 years of experience leading global information security programs and applying information security, risk management and privacy practices

  
  


• 
  

  Minimum of 5 years of practical experience working with information security and privacy laws and standards (such as ISO 27001, PCI-DSS, SOX and data breach reporting laws), generally accepted information security principles, and industry best practice

  
  


• 
  

  A broad technical background with pragmatic and business-focused approach to security

  
  


• 
  

  Proven experience interfacing with executives at the Board and communicating complex cyber security concepts in business-relevant ways

  
  


• 
  

  Excellent written and verbal communications skills with experience presenting to and facilitate discussions with the Board and executive leadership

  
  


• 
  

  Ability to place complex security issues in appropriate business context

  
  


• 
  

  Strong leadership skills

  
  


• 
  

  Experience working in heavily regulated sector (gaming or finance for example)

  
  


• 
  

  Experience in using quantitative and qualitative risk management to help prioritize and evaluate business decisions

  
  


• 
  

  Ability to communicate security and risk-related concepts to technical and non-technical audiences

  
  


• 
  

  Experience working with global teams based in Europe, and the Americas.

  
  


• 
  

  Motivation and ability to work independently with minimal supervision