Listing Description
We are looking for a Chief Information Security Officer (CISO), responsible for coordination, execution and reporting on a company-wide, global information security program. This role requires a experienced and business-savvy leader with a high level expertise of information security and its application to a global business. The successful candidate is comfortable interacting with the senior management and help lead the security program as a business enabler.
What you’ll do
In this role you’ll lead the development and execution of RSI’s information security strategy and program, advise senior management on cyber security risks. Your duties will include:
Responsibilities
Help drive the culture of informed risk taking
Drive security collaboration with legal and compliance teams
Build strong working relationships with product, engineering, and operations leaders to deliver on security initiatives and controls
Build security governance across the business
Drive security decision making groups, and collaboratively develop security and technology roadmaps
Help integrate information security into business processes
Activities
Help develop and present recommendations based on active balancing of threats, vulnerabilities, risk and business needs and long-term goals
Define and facilitate the information security risk assessment process
Information security risk reporting tailored to the relevant audience
Oversight of security risk treatment efforts to address negative findings
Provide regular reporting on the current status of the information security program to the senior management as part of a strategic corporate risk management program
Build security risk awareness amongst the Board and executive management
Engage in and support 3rd party vendor risk management process
Execution of corporate Security Awareness program
Coordinate with local, state, federal, and international government agencies as required
Perform duties as necessary and/or assigned
All About You:
Minimum of 8 years of experience leading global information security programs and applying information security, risk management and privacy practices
Minimum of 5 years of practical experience working with information security and privacy laws and standards (such as ISO 27001, PCI-DSS, SOX and data breach reporting laws), generally accepted information security principles, and industry best practice
A broad technical background with pragmatic and business-focused approach to security
Proven experience interfacing with executives at the Board and communicating complex cyber security concepts in business-relevant ways
Excellent written and verbal communications skills with experience presenting to and facilitate discussions with the Board and executive leadership
Ability to place complex security issues in appropriate business context
Strong leadership skills
Experience working in heavily regulated sector (gaming or finance for example)
Experience in using quantitative and qualitative risk management to help prioritize and evaluate business decisions
Ability to communicate security and risk-related concepts to technical and non-technical audiences
Experience working with global teams based in Europe, and the Americas.
Motivation and ability to work independently with minimal supervision
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided