AVP, Deputy Chief Information Security Officer
AVP, Deputy Chief Information Security Officer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
As a strategic leader at JM Family Enterprises the Deputy Chief Information Security Officer (Deputy CISO) plays a critical role in aligning business unit IT priorities with enterprise security and platform capabilities. Reporting directly to the Chief Information Security Officer (CISO) this role serves as a bridge between technical teams and business stakeholders ensuring secure scalable and cost-effective solutions are delivered across the organization. The Deputy CISO will drive cross-functional collaboration governance and oversight to uphold our security standards and enable innovation.
Responsibilities:
Build inspire and lead a high-performing multidisciplinary security team
Serve as principal deputy to the CISO assuming leadership in their absence
Collaborate closely with the CISO to manage and execute the enterprise security strategy
Partner with BU IT leaders to ensure ERP CRM HCM and SaaS platforms are secure and effective
Lead the enterprise Application Security program including secure coding application scanning penetration testing and secure architecture reviews
Oversee application security and enablement program across custom SaaS and packaged applications
Lead the secure enablement of enterprise-wide IT initiatives including ERP/CRM implementations cloud migrations digital transformation and infrastructure modernization
Drive secure adoption and transformation of enterprise platforms (ex. Oracle Salesforce Workday ServiceNow industry-specific apps)
Enable DevSecOps practices for enterprise application teams embedding automated security checks into application delivery pipelines
Partner with application owners and business leaders to ensure security is a business enabler not a blocker to transformation initiatives
Champion secure user experience and adoption of enterprise platforms
Monitor and manage risks associated with enterprise applications and integrations
Lead strategic planning and adopt global cybersecurity best practices
Develop implement and maintain the organizations information security program
Drive enterprise-wide information security risk management and mitigation
Ensure compliance with regulatory industry and contractual security standards (SOX PCI DSS HIPAA GDPR ISO NIST)
Oversee third-party/vendor risk management and due diligence
Partner with executive and business unit leaders to integrate cybersecurity into decision-making
Embed security by design into digital transformation cloud and emerging tech initiatives
Promote a culture of security through training simulations and awareness campaigns
Develop future cybersecurity leaders and support succession planning
Align business demand with platform capabilities and delivery feasibility
Escalate unresolved platform or security design issues as appropriate
Collaborate with Internal Audit Legal and Compliance to ensure audit readiness
Ensure BU IT programs and services meet business expectations
Develop executive-level reporting and metrics to demonstrate business enablement
Qualifications:
Bachelors Degree in Computer Science Information Security or related field (Masters preferred)
15 years of experience in Information Security and/or Application Development including 7 years leading Information Security at the executive level in cloud-native or high-scale technology environments
Proven track record managing end-to-end software/application development lifecycles
Relevant industry certifications ex. Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Certified in Risk and Information Systems Control (CRISC) are preferred
Proven track record managing budgets totaling $ 20 million showcasing financial acumen in IT operations
Deep understanding of technical architecture patterns and platform constraints
Proven working knowledge of cybersecurity principles Identity and Access Management (IAM) and other non-functional requirements
Strong Understanding of Application Development Lifecycle
Demonstrated effectiveness of establishing standards and best practices for Agile development DevSecOps CI/CD pipelines and test automation
Experience driving cloud-native development SaaS adoption and enterprise modernization
Proven track record enabling enterprise application solutions (ERP CRM HR Finance Supply Chain Digital Platforms)
Deep knowledge of application development methodologies (Agile SAFe DevSecOps)
Strong understanding of enterprise architecture integration and data platforms
Ability to interpret assess and validate complex technical solution proposals
Deep understanding of current and emerging cyber threats attack vectors and risk mitigation strategies
Leadership and effective communication skills with a strong ability to analyze and problem resolution; while also being self-motivated and results driven
Demonstrated effectiveness as a leader for staff management development and mentorship
Strong business acumen with ability to translate complex security concepts into business-relevant language
Exceptional communication and influencing skills with senior leadership
Demonstrated ability to lead and inspire large distributed teams across multiple disciplines
Strategic thinker with an execution mindset balancing risk and enablement
Experience managing technical intake and demand processes across enterprise environments
Strong leadership in facilitating cross-functional technical trade-off discussions and decision-making
Must stay current with industry trends threat intelligence and emerging technologies
Comfortable working in a fast-paced highly visible role with enterprise-wide influence
Collaborates with Legal and Government Relations/Compliance teams to ensure compliance with relevant laws regulations and policies
#LI-KA1
This job description may not be inclusive of all assigned duties responsibilities or aspects of the job described and may be amended at any time at the sole discretion of JM Family. All work arrangements are subject to associate performance business need and manager discretion and may be revised as necessary.
JM FAMILY IS PROUD TO BE AN EQUAL OPPORTUNITY EMPLOYER
JM Family Enterprises Inc. is an Equal Employment Opportunity employer. We are committed to recruiting hiring retaining and promoting qualified associates without regard to age race religion color gender sex (including pregnancy childbirth and related medical conditions) sexual orientation gender identity gender expression mental or physical disability national origin marital status citizenship military status genetic information veteran status or any other characteristic protected by federal state provincial or local law.
DISABILITY ACCOMMODATIONS
If you have a disability and require a reasonable accommodation to complete the job application process please contact JM Familys Talent Acquisition department at for assistance. If you have an accommodation request for one of our recruiting events please notify us at least 72 hours prior so that we may provide assistance.
Required Experience:
Chief
Employment Type
Full-Time
