About Xerox Holdings Corporation
For more than 100 years, Xerox has continually redefined the workplace experience. Harnessing our leadership position in office and production print technology, we’ve expanded into software and services to sustainably power today’s workforce. From the office to industrial environments, our differentiated business solutions and financial services are designed to make every day work better for clients — no matter where that work is being done. Today, Xerox scientists and engineers are continuing our legacy of innovation with disruptive technologies in digital transformation, augmented reality, robotic process automation, additive manufacturing, Industrial Internet of Things and cleantech. Learn more at www.xerox.com and explore our commitment to diversity and inclusion.
Chief Information Security Officer
Position Summary:
Reporting to the EVP, Chief Transformation & Administrative Officer, The Chief Information Security Officer (CISO) is responsible for developing and implementing an information security program that includes procedures and policies designed to protect enterprise communications, systems, and assets from both internal and external threats. The CISO will oversee the organization’s information security strategy, manage a team of security professionals, and ensure compliance with relevant laws and regulations.
The ideal candidate will possess deep technical expertise in the field of Information Security with a successful history of delivering Enterprise-wide security programs.
Primary Responsibilities:
• Develop and execute a comprehensive information security strategy aligned with the company’s business objectives.
• Establish, implement, and maintain information security policies, standards, and procedures.
• Identify and ensure compliance with various laws and regulatory requirements.
• Coordinate and lead response to information security incidents to mitigate the impact and ensure timely resolution and communication.
• Select and implement information security threat mitigation strategies and safeguards.
• Perform periodic information security-related risk analyses, prioritize risks, and implement effective risk mitigation processes to protect the enterprise information assets.
• Develop and maintain KRI’s and provide regular updates to executive leadership, board, and relevant enterprise risk committees on information security program status.
• Develop and implement enterprise security architecture that aligns with company’s IT and business strategy, oversee implementation of security technologies and infrastructure.
• Develop and maintain enterprise secure software development lifecycle process, ensure compliance of products, services, and IT applications.
• Develop and conduct security awareness programs for employee, promote a culture of security awareness across the organization.
• Manage and mentor a diverse team of security professionals and foster a collaborative and high-performance environment.
Qualifications (Knowledge, Skills & Abilities)
The finalist candidate will be an experienced Chief Information Security Officer (current or prior) who possess deep technical expertise in the field of Information Security with a successful history of delivering Enterprise-wide security programs.
• 15+ years of experience in information security including at least 3+ years experience as a Chief Information Security Officer; with at least 5 years management experience
• Current or Prior experience as the CISO in a publicly traded company.
• Preferred certifications: CRISC, CISA, CISM, CISSP or similar
• Understanding of relevant legal, regulatory and privacy requirements such PCI DSS, ISO 27001, SOC2, FEDRAMP, CMMC etc.
• In-depth knowledge of various information security frameworks, standards, methodologies, and best practices (e.g., NIST, ISO, SANS, OWASP).
• Strong understanding of security technologies, trends, and best practices.
• Ability to manage multiple projects and initiatives in a fast-paced environment. Proven track record of developing and implementing successful information security programs.
• Strong security architecture background with experience building and driving a cybersecurity strategy and framework, with initiatives to secure the organization’s cyber and technology assets.
• Proven track record of developing and implementing secure processes and systems used to prevent, detect, mitigate, and recover from cyberattacks with strong exposure to various technology-based safeguards.
• Strong understanding of information security principles, practices, and technologies, including network security, application security, cloud security and endpoint security.
• Excellent leadership, communication, and interpersonal skills.
• Effective organizational, time management and interpersonal skills: Analytical mindset with creative and innovative problem-solving skills, Ability to adapt to change and embrace ambiguity, Excellent verbal & written communication skills.
• Bachelors or Masters degree in Computer Science, Information Technology, Cybersecurity or related field of study
Location: Virtual (with a preference for on-site in our Cary, NC office)
,
Tagged as: Information security officer