• United States



Job Post: CISO, Symantec

Aug 14, 20073 mins

VP/Chief Information Security Officer (CISO)Location:  Mountain View, CA 


Symantec is currently looking for a dynamic, insightful, security conscious leader and strategic thinker to be the forerunner for our Information Security Team.  As the CISO you will report directly to the CIO and work in conjunction with other executives to develop and implement security and privacy enhancements to the technical architecture. You will maintain information security and privacy policies, standards and guidelines covering all areas within Symantec and will lead ongoing compliance monitoring of information security and privacy requirements and responsibilities in supplier contracts and agreements

 As the CISO, you will be responsible for enhancing and modifying, as appropriate, a strategic plan for corporate-wide information security and privacy.  You will identify initiatives, develop budgets and implement the initiatives based on the strategic plan in order to build a strong security community across the company’s functional, business, and technology organizations. 

As the CISO, you will manage risk through shared vision with the business leaders by consulting with and providing advice to senior management and their organizations in the development, implementation, and administration of information security and privacy policies and procedures, and on the information security infrastructure and security and privacy related issues.  You will be responsible for conducting and/or leading comprehensive assessments of Symantec’s information security and privacy policies and procedures against applicable regulations, laws, policies, and standards. Assessments should include gap analyses and recommendations to improve the security and privacy infrastructure to remove or mitigate risk.

As the CISO, you will also be responsible for directing a program for the identification, reporting, and remediation of information security concerns throughout the organization. You will lead in the investigation of any actual or potential information security violations and manage escalation of security events and in addition, will assist with disciplinary and legal matters associated with such violations as necessary and document and make recommendations to correct or prevent future violations.

Success Factors:

• Strategic agility• Managing vision & purpose• Planning• Innovation management• Interpersonal savvy• Comfort around senior executives 


 • Bachelor’s degree in Computer Science, Information Technology, Business Administration or related field with advanced degree strongly preferred.• Fifteen plus years significant hands on experience with security in companies with significant online business, multiple business units, many products, > US $1 billion in annual revenue, and thousands of employees.  • Must have at least ten years of management experience.• Extensive experience in network, endpoint, and application security.• Must have well developed change management skills; be effective in working across organizational boundaries to build a case for changes, and to execute on the change plan – from strategy through to ongoing operation and process improvement.• Experienced in, and able to formulate, the cost effectiveness benefit of security initiatives in the context of overall business risk mitigation and the company’s operational objectives.  Ability to compare, contrast and prioritize among alternative approaches to meet those objectives.• An excellent understanding of security (and integrity) and privacy regulations such as Sarbanes-Oxley Act, Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach Bliley Act (GLBA), and international privacy laws.• Excellent understanding of security and auditing standards such as ISO 17799, Control Objectives for Information and related Technology (COBIT), and National Institute of Standards and Technology (NIST).• Excellent knowledge of information security technology, such as firewalls, intrusion detection systems (IDS), cryptography, and anti-malware.• Must be CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Security Manager) certified – preferably both. 

Qualified applicants should contact Phone:  503 335-2202 

Symantec Corporation is an Equal Opportunity Employer and welcomes diversity.