Business Unit:
Cubic Corporation
Company Details:
When you join Cubic, you become part of a company that creates and delivers technology solutions in transportation to make people's lives easier by simplifying their daily journeys, and defense capabilities to help promote mission success and safety for those who serve their nation. Led by our talented teams around the world, Cubic is committed to solving global issues through innovation and service to our customers and partners.
We have a top-tier portfolio of businesses, including Cubic Transportation Systems (CTS) and Cubic Defense (CD). Explore more on Cubic.com.
Job Details:
Position Overview:
We are seeking an experienced and strategic Chief Information Security Officer (CISO) to lead and drive the global information security strategy for our organization. This role will have a dual focus: corporate cybersecurity objectives across all divisions, and product engineering and product service cybersecurity oversight within our Defense and Global Transportation Systems divisions. The CISO will ensure our organization remains secure, compliant with international and regional standards, and innovative in addressing security challenges to support our growth.
The successful candidate will be responsible for protecting our global infrastructure, intellectual property, and customer data, while ensuring the security of the products we develop, manufacture, and service. You will lead cross-functional teams, working closely with IT, engineering, and product teams to drive the organization's cybersecurity maturity, ensure compliance with regulatory frameworks (ISO 27001, PCI-DSS, CMMC, and other regional requirements), and differentiate the company as an industry leader in security and compliance to help drive top-line growth.
Key Responsibilities:
Corporate Cybersecurity Strategy & Leadership:
- Develop and lead a comprehensive global cybersecurity strategy that aligns with the company's mission, business objectives, and risk tolerance.
- Oversee global cybersecurity operations, including threat detection, incident response, vulnerability management, and risk mitigation.
- Establish and maintain a comprehensive cybersecurity governance framework to ensure the confidentiality, integrity, and availability of corporate IT systems, data, and intellectual property.
- Lead a global cybersecurity team, ensuring robust talent development, training, and retention.
- Develop and maintain an information security policy that is aligned with industry best practices and applicable regulatory requirements.
- Ensure alignment of cybersecurity initiatives with regional and global compliance requirements, including but not limited to ISO 27001, PCI-DSS, CMMC, GDPR, NIST, and other relevant frameworks.
- Establish metrics and reporting structures to regularly update senior leadership and stakeholders on the cybersecurity posture, risks, and compliance standing.
Product Engineering & Service Cybersecurity:
- Collaborate with product engineering teams to ensure that security is integrated throughout the product lifecycle, from initial design to post-market support.
- Lead security efforts to ensure that our products meet the highest security standards and adhere to compliance frameworks (ISO 27001, PCI-DSS etc.), as well as regional cybersecurity regulations.
- Oversee the implementation of secure software development lifecycle (SDLC) practices, ensuring secure coding, testing, and deployment.
- Work with product service teams to ensure the continuous security of our products in the field and provide guidance on secure product maintenance and support.
- Implement robust vulnerability management processes, including continuous security testing, secure patching, monitoring, and remediation practices for all products and services.
Compliance & Regulatory Oversight:
- Lead efforts to achieve and maintain certifications and compliance with key standards such as ISO 27001, PCI-DSS, CMMC, SOC 2, and other regional and industry-specific requirements.
- Conduct regular internal audits and risk assessments to evaluate compliance, identify gaps, and implement corrective actions.
- Work with legal and compliance teams to ensure the company's cybersecurity posture aligns with global data privacy laws and other regulatory requirements.
- Oversee the development and implementation of business continuity and disaster recovery plans with a focus on minimizing downtime in the event of a security breach.
Stakeholder & Executive Engagement:
- Serve as the primary point of contact for cybersecurity issues across the global organization and ensure effective communication with senior executives, board members, and business stakeholders.
- Partner with business leaders and leaders across corporate functions (Legal, Finance, HR, etc.) to ensure that cybersecurity risks are understood and managed in alignment with business goals.
- Establish relationships with key external partners, including regulatory bodies, industry consortia, and external auditors to stay ahead of emerging cybersecurity threats, trends, and compliance requirements.
Innovation & Continuous Improvement:
- Drive innovation in cybersecurity practices to stay ahead of emerging threats and ensure that the company's security capabilities remain cutting-edge.
- Develop and foster a culture of security awareness across the organization by promoting regular employee training, phishing simulations, and awareness campaigns.
- Lead the adoption of new technologies and security tools to enhance the company's cybersecurity posture.
Required Skills and Experience:
- Proven experience as a CISO or senior information security leader in a global, complex organization, ideally with experience in both corporate and product-focused cybersecurity.
- Extensive experience with cybersecurity standards and frameworks, including ISO 27001, PCI-DSS, CMMC, NIST, SOC 2, GDPR, and other global/regional regulatory requirements.
- Strong understanding of product security, secure software development practices, and risk management within both engineering and service environments.
- In-depth knowledge of threat management, incident response, vulnerability management, and security operations.
- Strong leadership and people management skills, with a demonstrated ability to build and lead global, cross-functional teams.
- Excellent communication skills, with the ability to interact with senior leadership and stakeholders across the organization.
- Demonstrated ability to drive security maturity across an organization and align security efforts with business objectives to drive growth.
- Proven track record of successfully implementing cybersecurity programs in a global, multi-faceted business environment.
- Ability to influence and collaborate with business and technical teams at all levels to drive results.
- Relevant industry certifications (CISSP, CISM, CISA, etc.) preferred.
Education:
- Bachelor's degree in Information Security, Computer Science, Engineering, or a related field. A master's degree or advanced certifications in cybersecurity are a plus.
Benefits:
- Competitive salary and performance-based bonuses
- Comprehensive healthcare and wellness programs
- Retirement and pension plans
- Paid time off and holidays
- Opportunities for continuous learning and development
- Global travel opportunities as needed
We are an equal opportunity employer and welcome candidates from diverse backgrounds to apply. The CISO will play a pivotal role in safeguarding the future of our business by strengthening our cybersecurity posture, driving compliance, and enabling continued growth.
Cubic Pay Range: $220,000.00 - $350,000.00* + benefits.
The Cubic pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Worker Type:
Employee