Drive CISO strategy and partner with senior technology leaders to define and evolve the enterprise security strategy, multi-year roadmap, and investment priorities.
Establish security OKRs, KPIs, and maturity models that align risk reduction, regulatory readiness, and business enablement.
Translate emerging risk trends (cyber, insider, privacy, AI, regulatory) into actionable strategic initiatives and decision frameworks.
Design and lead the security operating cadence, including strategic planning, portfolio governance, and execution oversight across cybersecurity, privacy, and technology risk domains.
Build and mature enterprise PMO and portfolio management frameworks spanning identity and access management, vulnerability management, cloud security, insider risk, and resilience.
Drive large-scale, cross-functional security transformation programs from concept through sustained adoption.
Support CISO with materials and artifacts designed for Board members, executive leadership, producing clear, data-driven materials on security posture, risk exposure, program ROI, and operating maturity.
Prepare and deliver board-level reporting on cybersecurity strategy, investment outcomes, and regulatory posture.
Enable informed decision-making through concise narratives that connect security risk to business impact.
Operationalize regulatory and compliance obligations (e.g., privacy, data protection, financial services oversight) into measurable roadmaps that balance innovation and control.
Partner with legal, compliance, and risk teams to integrate security strategy into broader enterprise risk management frameworks.
Ensure consistent visibility into risk, assurance, and response metrics through unified reporting and analytics.
Guide the strategic adoption of cloud, AI/ML, automation, and observability capabilities to modernize security operations and enterprise technology platforms.
Evaluate and govern emerging technologies (e.g., AI agents, semantic search) to ensure security, privacy, and data protection by design.
Promote scalable, user-centric security solutions that reduce friction while strengthening control effectiveness.
Lead through influence in highly matrixed environments, aligning engineering, operations, product, and business teams.
Drive organizational change through clear communication, empathy, and structured change management.
Build communities of practice and centers of excellence that elevate security strategy, execution discipline, and continuous improvement.

Requirements

Bachelor’s degree in computer science, information technology, or risk and governance or equivalent
15+ years of experience in security strategy, enterprise transformation, technology risk, or program leadership, with increasing scope and complexity.
Proven experience partnering with CISO, CIO, CTO, or equivalent executives in large, global organizations.
Demonstrated success designing and scaling enterprise security programs (e.g., IAM, insider risk, vulnerability management, privacy, cloud security).
Strong background in operating model design, portfolio governance, and KPI-driven management.
Experience producing executive- and board-level communications on security, risk, and transformation outcomes.
Ability to translate complex technical and regulatory topics into clear, business-oriented narratives.

Benefits

Medical, Dental, & Vision Plans
401(k)
FSA/HSA
Commuter Benefits
Tuition Assistance Plan
Vacation and Sick Time
Paid Parental Leave

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security strategyenterprise transformationtechnology riskprogram leadershipidentity and access managementvulnerability managementcloud securityprivacyregulatory compliancedata protection

Soft Skills

communicationinfluenceempathychange managementstrategic planningcollaborationleadershipreportingnarrative developmentcommunity building

Certifications

Bachelor's degree in computer scienceBachelor's degree in information technologyBachelor's degree in risk and governance