VP/Chief Information Security Officer (CISO)Location: Mountain View, CA ResponsibilitiesSymantec is currently looking for a dynamic, insightful, security conscious leader and strategic thinker to be the forerunner for our Information Security Team. As the CISO you will report directly to the CIO and work in conjunction with other executives to develop and implement security and privacy enhancements to the technical architecture. You will maintain information security and privacy policies, standards and guidelines covering all areas within Symantec and will lead ongoing compliance monitoring of information security and privacy requirements and responsibilities in supplier contracts and agreements As the CISO, you will be responsible for enhancing and modifying, as appropriate, a strategic plan for corporate-wide information security and privacy. You will identify initiatives, develop budgets and implement the initiatives based on the strategic plan in order to build a strong security community across the company’s functional, business, and technology organizations. As the CISO, you will manage risk through shared vision with the business leaders by consulting with and providing advice to senior management and their organizations in the development, implementation, and administration of information security and privacy policies and procedures, and on the information security infrastructure and security and privacy related issues. You will be responsible for conducting and/or leading comprehensive assessments of Symantec’s information security and privacy policies and procedures against applicable regulations, laws, policies, and standards. Assessments should include gap analyses and recommendations to improve the security and privacy infrastructure to remove or mitigate risk.As the CISO, you will also be responsible for directing a program for the identification, reporting, and remediation of information security concerns throughout the organization. You will lead in the investigation of any actual or potential information security violations and manage escalation of security events and in addition, will assist with disciplinary and legal matters associated with such violations as necessary and document and make recommendations to correct or prevent future violations. Success Factors:• Strategic agility• Managing vision & purpose• Planning• Innovation management• Interpersonal savvy• Comfort around senior executives Qualifications: • Bachelor’s degree in Computer Science, Information Technology, Business Administration or related field with advanced degree strongly preferred.• Fifteen plus years significant hands on experience with security in companies with significant online business, multiple business units, many products, > US $1 billion in annual revenue, and thousands of employees. • Must have at least ten years of management experience.• Extensive experience in network, endpoint, and application security.• Must have well developed change management skills; be effective in working across organizational boundaries to build a case for changes, and to execute on the change plan – from strategy through to ongoing operation and process improvement.• Experienced in, and able to formulate, the cost effectiveness benefit of security initiatives in the context of overall business risk mitigation and the company’s operational objectives. Ability to compare, contrast and prioritize among alternative approaches to meet those objectives.• An excellent understanding of security (and integrity) and privacy regulations such as Sarbanes-Oxley Act, Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach Bliley Act (GLBA), and international privacy laws.• Excellent understanding of security and auditing standards such as ISO 17799, Control Objectives for Information and related Technology (COBIT), and National Institute of Standards and Technology (NIST).• Excellent knowledge of information security technology, such as firewalls, intrusion detection systems (IDS), cryptography, and anti-malware.• Must be CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Security Manager) certified – preferably both. Qualified applicants should contact Charrese_Edwards@symantec.com Phone: 503 335-2202 Symantec Corporation is an Equal Opportunity Employer and welcomes diversity. Related content feature What it takes to be a malware analyst The proliferation of ransomware and other attacks has increased demand for experts who can analyze how the software works and devise a response. By Bob Violino Jun 15, 2017 7 mins Careers IT Leadership Security news New CISO Chris McDaniels to help drive Mosaic451’s cybersecurity practice The US Air Force veteran brings deep experience in cyber defense and emergency response. By Michael Nadeau May 23, 2017 2 mins IT Leadership Security news Veristor hires Jackie Groark as director, security/CISO Groark, an expert in threat detection and intelligence, will lead the company’s security practice. By Michael Nadeau May 17, 2017 2 mins IT Leadership Security news BJC names Matthew Modica as its first chief information security officer Modica will be responsible for all levels of security, from operations to IT to facilities. By Michael Nadeau May 15, 2017 1 min IT Leadership Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe