Chief Information Security Officer (CISO) Job
Date: May 4, 2013
Location: New York, NY, US
Job ID: 2013-16158
# of Positions: 1
Posted Date: 3/7/2013
Job Location: US-NY-New York
Position Type: Regular Full Time
Category: Information Technology
Pearson has one defining goal: to help people progress in their lives through learning. We champion innovation and we invest in models for education that deliver on our promise for effective, accessible, and personal learning, from early literacy, college and career readiness to professional education, through data-informed instruction and inventive applications for mobile and digital learning.
Why Pearson Technology?
Today Pearson is a technology company as much as we are a newspaper or book publishing company, and technology is also the operational backbone of the organization.
Pearson Technology provides the infrastructure, tools and services that enable our businesses to function, that connect us with the outside world, and that are fuelling our future growth.
This is an exciting time. Technology is vital to Pearson’s strategy and that growth: to become more global, more digital, more service-led, more personalized and more open and closely connected with the people who use what we make.
Pearson is becoming a smarter, quicker and more flexible business, and innovation in technology will underpin our reputation as the world’s leading learning company.
New digital products and services give us access to new, bigger and faster growing markets and ultimately help people of all ages to make progress in their lives through learning. This is after all what we're all about.
About the Role...
The Chief Information Security Officer (CISO) is responsible for establishing and maintaining a corporate-wide global information risk management program to ensure information assets are adequately protected. The CISO is responsible for identifying, evaluating, protecting against and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise. This position requires a visionary leader with strong skills in business management and a detailed working knowledge of information security technologies. The CISO will proactively work with business units to implement practices that meet defined policies and standards for information security. He/she will also oversee a variety of IT-related risk management activities.
This position serves as the process owner of all ongoing activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information in compliance with the organization’s information security policies. The successful candidate must be highly knowledgeable about the business environment and must ensure that information systems are maintained in a fully functional, secure mode.
The ideal candidate is a thought leader, a consensus builder, and an integrator of people, process and technology. This role is ultimately a business leader and should have a track record of competency in the field of information security with direct experience in a significant leadership role.
Responsibilities
- Develop, implement and monitor a strategic, comprehensive enterprise information security and risk management program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization.
- Draft and propose company-wide information security strategy and action plans based on risk assessment and gap analysis.
- Develop, publish, and maintain comprehensive information security standards, policies, procedures and guidelines.
- Act as the primary corporate control point during follow-up on significant information security incidents, oversee development of response plans and provide timely update reporting.
- Advise the management team on risk issues that are related to information security and recommend actions in support of the company's wider risk management programs.
- Collaborate within the organizational network to ensure information security risks in both ongoing and planned operations are properly considered and that all compliance matters are being adhered to as required.
- Monitor information security trends and evolving technologies and keep senior management informed about related information security issues and implications for the company.
- Understand potential and emerging information security threats, vulnerabilities, and control techniques and communicate this information to appropriate team members throughout the Company on a timely basis.
- Conduct regular and ongoing monitoring of and reporting on company-wide compliance with information security standards and policies.
Qualifications
- 10+ years of progressive leadership experience in computing and information security, including experience with internet technology and security issues.
- BA, BS or Master's degree in a computer science or information systems related discipline required. Master's in Business Administration a plus.
- Experience with information system disaster recovery planning and testing, auditing, risk analysis, business system resumption planning, and contingency planning.
- Business system continuity planning, auditing, and risk management experience as it relates to information security.
- Excellent written and verbal communication skills; interpersonal collaborative skills; and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
- Must be an intelligent, articulate, consensus-building, and persuasive leader who can serve as an effective member of the senior management team and communicate information security-related concepts to a broad range of technical and non-technical team members at all levels of the organization.
- An information security certification such as the Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) is required (CISSP is highly preferred).
Pearson is an Equal Opportunity and Affirmative Action Employer, and a member of E-Verify. All qualified applicants, including minorities, women, veterans, and people with disabilities are encouraged to apply.