Group Chief Information Security Officer
$350k - $400kJobleads-US
Group Chief Information Security Officer The Chief Information Security Officer (CISO) will lead and oversee the Information Security program across the entire organization. The role will be responsible for developing, implementing, and maintaining a unified enterprise security strategy that ensures the confidentiality, integrity, and availability of the company’s information assets, platforms, infrastructure, and customer data across all business operations. As the organization continues to modernize its retail, digital, cloud, and enterprise technology platforms, we require a transformational security leader capable of driving the next phase of cybersecurity maturity across the group. This role is significantly broader than traditional cybersecurity operations and compliance management. The CISO will play a critical leadership role in helping the organization securely navigate large-scale technology transformation, AI adoption, cloud modernization, evolving regulatory requirements, and an increasingly sophisticated global threat landscape. The CISO will be responsible for establishing and leading a group-wide cybersecurity strategy across both US and UK operations, driving consistency in governance, policy, standards, risk management, incident response, and operational security practices. This includes developing enterprise security standards, modernizing security architecture, implementing Zero Trust principles, strengthening cloud and identity security, improving business resilience, and reducing legacy technology and operational risk across the environment. Cybersecurity has evolved far beyond traditional perimeter defense and audit-driven compliance programs. We now face a rapidly changing threat environment driven by AI-enabled attacks, ransomware, cloud complexity, third-party supply chain risk, increasing regulatory scrutiny, and growing operational dependence on digital platforms. As a result, the CISO must operate not only as a security leader, but also as a strategic business partner and an agent for transformation. This role will require close collaboration with executive leadership, technology teams, legal, compliance, operations, and external partners to ensure security is embedded into the organization’s strategy and business operations. Given the strategic importance of cybersecurity and enterprise risk management to the organization, the CISO role will maintain a regular reporting cadence with the Board Risk Committee and will be responsible for providing ongoing updates related to cybersecurity posture, operational risk, regulatory compliance, major initiatives, emerging threats, and overall enterprise resilience. Benefits for those who are scheduled to work less than 20 hours per week include Employee Discount, EAP and Sick Pay. For those scheduled to work between 20 and 29.99 benefits include Employee Discount, EAP, Sick Pay and Paid Time Off including paid Maternity and Parental Leave, Company Paid Holidays, Transit and 401(k) with Company Match. For those scheduled to work 30 hours or more benefits include Employee Discount, EAP, Sick Pay and Paid Time Off including paid Maternity and Parental Leave, Company Paid Holidays, 401(k) with Company Match, Comprehensive Health Benefits (Medical, Dental and Vision), Healthcare and Dependent Care Spending Accounts, Healthcare Spending Account, Disability Benefits, Life Insurance, Transit, and Tuition Reimbursement. All benefits provided are in accordance with the terms of the current plan and may be subject to future change. Benefits may vary depending on location/state regulations. More information can be received by the recruiter or Human Resources. An employee in this position can expect an annual starting rate between $350,000 - $400,000 depending on experience, seniority, geographic locations, and other factors permitted by law. What You Do Global Security Strategy Define and execute a unified cybersecurity strategy that supports the business objectives of both B&N and Waterstones. Lead the development and implementation of security policies, standards, and procedures that align with local regulations and best practices. Serve as a trusted advisor to executive leadership and Board of Directors for both organizations. Security Operations & Incident Response Leadership Lead the enterprise cybersecurity incident response and crisis management program, coordinating cross-functional response activities during major cyber incidents, ransomware events, operational disruptions, and data breaches. Act as the primary technical contact with external crisis response agencies, cyber insurance providers, legal counsel, forensic investigators, regulators, and law enforcement agencies during significant cybersecurity incidents. Drive the continuous maturation of the organization’s cyber resilience capabilities, including incident response planning, ransomware preparedness, disaster recovery, business continuity, tabletop exercises, and enterprise recovery strategies. Establish and maintain enterprise-wide cyber incident response standards, escalation procedures, communication protocols, and post-incident review processes to improve organizational readiness and operational resilience. Direct 24/7 global security operations, including monitoring, detection, and response to security incidents. Technology & Infrastructure Security Leverage AI to improve detection, response, and scale. Ensure security is embedded in infrastructure, applications, cloud environments, and software platforms. Drive Zero Trust adoption, identity and access management, and secure data handling practices across both organizations. Oversee regular penetration testing, vulnerability assessments, and third-party risk management. Team Leadership & Development Lead and foster collaboration between the B&N and Waterstones Information Security teams. Recruit, mentor, and retain top cybersecurity talent. Directs work and ensures appropriate performance levels of all Security team members across Waterstones and B&N, working together with the senior leadership team to create a performance-based culture. Partner with IT, Legal, Risk, HR, and other business units to ensure a holistic approach to Information Security. Executive Leadership & Cybersecurity Influence Serve as a visible and influential cybersecurity leader across both organizations, representing the Information Security function internally and externally. Champion a strong culture of security awareness at all levels of the organization and across both businesses. Act as the public and internal face of the cybersecurity function, partnering with executive leadership, board members, auditors, and external partners to communicate the organization’s security vision and maturity. AI-Enhanced Cyber Defense & Governance Leverage AI to improve detection, response, and scale. Automate incident triage and response (SOAR + AI). Enhance phishing and fraud detection using ML models. Collaborate with HR and Legal to define AI security policies and acceptable use standards. Classify and approve AI tools and vendors. Align with emerging regulatory frameworks (EU AI Act, etc.). Prevent data leakage into external AI platforms. Enforce data classification and masking for AI use. Monitor environment for unauthorized use of enterprise data in AI tools. Assess AI capabilities in vendor platforms. Prepare for and defend against: AI-generated phishing (highly personalized) Deepfake-based social engineering Automated vulnerability discovery by attackers Update training and awareness programs accordingly. Utilize AI to reduce reliance on manual Tier 1/2 SOC work. Shift talent toward engineering, threat hunting, and strategy. Integrate AI into security tooling stack (SIEM, EDR, XDR). Knowledge & Experience Data Security & Protection Define and enforce enterprise data security standards, policies, and controls to ensure the confidentiality, integrity, and availability of corporate and customer data. Establish data classification standards and ensure data is appropriately categorized, protected, retained, archived, and disposed of based on business and regulatory requirements. Oversee encryption standards and key management practices for data at rest, in transit, and within cloud environments. Ensure appropriate access controls, and privilege security models are implemented across enterprise platforms and data repositories. Partner with Legal, Compliance, and technology teams to ensure adherence to data privacy and regulatory requirements, including GDPR, PCI-DSS, SOX, CCPA, and other relevant industry standards. Develop and maintain Data Loss Prevention (DLP) strategies and monitoring capabilities to reduce the risk of unauthorized disclosure or exfiltration of sensitive information. Support the development of enterprise-wide awareness and training programs related to data handling, privacy, cybersecurity, and acceptable AI usage practices. Third-Party & Supplier Risk Governance Establish third-party cybersecurity risk management program to assess, monitor, and mitigate risks associated with vendors, cloud providers, SaaS platforms, outsourced service providers, and strategic technology partners. Define security governance standards and due diligence processes for vendor onboarding, contract reviews, system integrations, and vendor risk assessments. Oversee continuous monitoring and risk evaluation of critical third-party providers, including incident response coordination, security assessments, penetration testing, and remediation monitoring if needed. Develop governance frameworks and contingency strategies to reduce operational, financial, and reputational risk associated with third-party cyber incidents, software supply chain compromise, and critical vendor outages. Regulatory & Audit Compliance Responsibilities Lead the information security compliance program to ensure alignment with applicable regulatory, legal, and industry requirements across the organization, including SOX or equivalent, PCI-DSS, GDPR, UK GDPR, data privacy regulations, and other applicable corporate and retail compliance obligations. Education & Professional Background Bachelor’s degree in Information Security, Computer Science, Engineering, or a related field; advanced degree (e.g., MS in Cybersecurity) preferred. 15+ years of experience in Information Security, with at least 7 years in a senior or executive leadership role overseeing enterprise-scale security programs. Proven success leading global cybersecurity initiatives across multi-national or multi-brand organizations. Technical & Strategic Expertise Deep understanding of information security frameworks, technologies, and architectures, including Zero Trust, cloud security, and identity management. Strong knowledge of regulatory requirements across U.S. and European jurisdictions, including GDPR, CCPA, and other privacy/security regulations. Demonstrated ability to balance security risk management with business enablement, ensuring security strategies are aligned with business objectives. Experience in incident response, crisis management, and executive-level communications during security incidents. Leadership & Influence Recognized as a strategic cybersecurity leader who can inspire trust and confidence at board, executive, and operational levels. Strong executive presence, with the ability to communicate complex technical concepts in clear, business-relevant terms. Proven capability to build, mentor, and lead high-performing security teams and encourage collaboration across geographies and business functions. Certifications (Preferred) CISSP, CISM, CISA, CRISC, CCISO, or equivalent industry-recognized credentials. #J-18808-Ljbffr
- ...Career Opportunities: Chief Information Security Officer (CISO) (5967) Requisition ID 5967 -Posted - Permanent Contract Be part of a new era in communications... ...multiple business verticals to ensure alignment with group policies and regulatory frameworks Structured and detail‑...SuggestedPermanent employmentContract workFor subcontractorRemote workWork from homeFlexible hours
- ...Chief Information Security Officer The Department of Records and Information Services is seeking to hire a Computer Systems Manager Non-Manager to... ...administration, systems administration, active directory, PowerShell, group policy, Containerization, Cloud, and IT security...SuggestedFull timeLocal areaShift workWeekend workAfternoon shift
- ...Chief Information Security Officer (CISO) US or Canada Location: Remote (U.S. or Canada) Type: US Applicants – Full‑Time; Canadian Applicants – Independent... ..., we do not discriminate on the basis of any protected group status under any applicable law. Voluntary Self‑...SuggestedFull timeContract workFor contractorsFor subcontractorWork at officeRemote workDay shift
- ...Corporate, Infrastructure and Project Finance Group - CHI Fitch Ratings' North America... ...of our New York, Chicago, or Toronto office. Fitch Ratings is seeking a senior credit... ...Group is a global leader in financial information services with operations in more than 30...SuggestedWork at officeLocal area
$164.4k - $285.6k
...Relationship Manager U.S. Media & Entertainment Industries Group BMO's U.S. Media & Entertainment Industries Group ("MEIG") is... ...com and let us know the nature of your request and your contact information. Note to Recruiters: BMO does not accept unsolicited resumes...SuggestedContract workPart timeWork experience placementLocal area- ...Always hire up, never down. We partner with organizations of all sizes to explore, design, and implement AI strategies that are secure, scalable, and human-centered. We believe AI should amplify human potential, not replace it, and we build with that conviction in every...Full timeFor contractorsRemote workDay shift
- ...CHIEF INFORMATION SECURITY OFFICER THE POSITION IN A NUTSHELL Sciens is seeking a Chief Information Security Officer (CISO), who will be responsible for establishing and operating a right‑sized, risk‑based cybersecurity program that protects the company, supports growth...Temporary workWork experience placement
$350k - $400k
...exceptional service to seller and buyer clients. Role Executive Summary Compass International Holdings is seeking a seasoned Chief Information Security Officer to own and evolve the enterprise security program. This is an executive & highly technical role at the intersection...Flexible hours$150k - $200k
...Chief Information Security Officer (CISO) Vistrada is looking to hire strong Chief Information Security Officers (CISO). The CISO will provide strategic cybersecurity guidance and oversight to Vistrada clients by leading and managing their cybersecurity programs to help...Work experience placementRemote workFlexible hours- ...Retirement System of the City of New York (TRS) has been securing better futures for NYC educators. With a pension fund... ...Position Summary: TRS is seeking a seasoned and strategic Chief Information Security Officer (CISO) to lead and elevate it's Information Security and...Full time
- ...Chief Information Security Officer (CISO) About the Company Innovative online real estate platform Industry Real Estate Type Privately Held, VC-backed Founded 2012 Employees 1001-5000 Funding $200+ million Categories Curated Web...Local area
- ...Chief Information Security Officer (CISO) About the Company Trusted provider & publisher of consumer insights about car models & auto brands Industry Market Research Type Privately Held, Private Equity-backed Founded 1968 Employees 1001-5000...
- ...UnitedHealth Group Job Descriptions UnitedHealth Group is working to create the health care system of tomorrow. Already Fortune... ...orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law. UnitedHealth...
$80k - $120k
...site collection efforts as well as an in-office presence at the primary firm office... ...train other team members to increase the group’s overall knowledge base as well as cultivate... ...with CGS on our Job Board: For more information about CGS please visit: or contact: Email...Full timeWork at officeRemote workFlexible hours- ...Cybersecurity Assessments And Exercises Vice President Drive the security of critical banking applications and platforms through hands-on... ..., security research, and participation in relevant industry groups. Contribute to the continuous improvement of penetration...
- .../ McLean, VA / Wilmington, DE Drive the security of critical banking applications and platforms... ...and participation in relevant industry groups. Contribute to the continuous... ...disability needs. Visit our FAQs for more information about requesting an accommodation. Equal...
$160k - $205k
...is part of the Application Development Security Framework Program within Bank of America... ...Cyber Security Assurance Offensive Security group. The program provides services to assess... ...of internal and external threats on information systems and predict future threat behavior...Shift workDay shift- ...or an alternative application process. Chief Information Officer Full Time Millersburg, OH, US 30+ days... ...Working closely with the Information Security Officer, the CIO oversees the protection... ...short- and long-term disability, and group life insurance – (plan and/or benefits...Full timeContract workTemporary workLocal areaImmediate start
$156.7k - $345.8k
## Business Information Security OfficerApplylocations: New York – New York (... ...Business Information Security Officer, North America P&C**Location... ...: Hybrid Reports To: Chief Business Technology Officer,... ...leading specialty insurance group, backed by the strength and...Full timeWork experience placementLocal area$120k - $160k
...Process design and operational rigor Security-minded systems thinking A key priority... ...about complex migrations with groups, potentially the entire company, at a high... ...prioritize safety and security and may use your information accordingly, and you can contact us for...Remote work- ...teams to map their environment, navigating security and compliance requirements, standing up... ...We strongly encourage individuals from groups traditionally underrepresented in tech... ...employment and equality legislation. This information is confidential, used only in aggregate...
$150k - $160k
...Overview : The Director of Information Technology leads the strategy... ...Center, ensuring high-quality, secure, and effective operations... ...practices across IT and stakeholder groups, fostering collaboration,... ...in administering and using Office 365, Microsoft Teams and Office...Full timePart timeWork at officeMonday to FridayFlexible hoursWeekend workAfternoon shift$250k - $275k
...Senior Director of Information Technology Boston, Massachusetts, United States The Brattle Group, a privately held, global economic consulting... ...Washington, D.C. or Chicago office. The Brattle Group is... ..., and ensure a secure, scalable, and resilient technology...Work at office- ...Chief Technology Officer This is a full-time, on-site role based in New York, NY, for a Chief Technology... ...and teams. Establish and maintain security, compliance, and data governance... ...scale the engineering team — today a group of high-output group of engineers — into...Full time
$100 per hour
...Chief Technology Officer April 2026 About NYC Kids RISE NYC Kids RISE is a nonprofit... ...can contribute to groups of these NYC Scholarship Accounts... ...school family—and as secure and efficient record-keeping... ...College Program’s data and information systems as well as overseeing...Work at officeWork from homeFlexible hours$350k - $400k
...Passport®. We are backed by an exceptional group of funds (Kleiner Perkins, General... ...ABOUT THE ROLE: We're seeking a Chief Technology Officer (CTO) to own Nova Credit's technology... ...it to life AI fluency: A clear, informed perspective on the evolving role of AI...Full timeWork at officeFlexible hours- ...Chief Technology Officer InfoTrack is a platform that seamlessly connects law firms to the courts... ...high standards of velocity, quality, security, and reliability. As the Chief Technology... ..., and platform operations across the group. Lead consolidation of multiple platforms...
- ...scalable solutions: Ensure the development of robust, scalable, secure, and maintainable full-stack systems that can deploy and run AI... ...founded by a team of leading AI research scientists and backed by a group of world‑renowned business and scientific luminaries. Our...Visa sponsorshipFlexible hours
$200k - $350k
...motivated individual to join our team! The Chief Underwriting Officer is a member of the executive... ...ability to interpret complex data and make informed decisions Exceptional leadership and relationship... ...aligned with Mutual Capital Group, Inc. This role supports corporate...Temporary workWork experience placementWork at officeLocal area- Covenant HR is seeking a Field CISO for a remote position in the United States. The ideal candidate will serve as a trusted executive advisor on cybersecurity strategy and governance for client leadership teams. This role involves building executive relationships, expanding...Remote work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Group Chief Information Security Officer. Be the first to apply!
- ciso New York, NY
- information systems security officer New York, NY
- business information security officer New York, NY
- chief information security officer New York, NY
- information security officer New York, NY
- chief information security officer ciso New York, NY
- information security officer iso New York, NY
- information security internship New York, NY
- data security manager New York, NY
- information technology security engineer New York, NY

