Esri, Inc.

Returning Candidate?

Chief Security Officer/Chief Information Security Officer

Chief Security Officer/Chief Information Security Officer

Location 
US-CA-Redlands
Job Category 
Information Technology
Job ID 
2017-7317

More information about this job

Overview

Reporting to the CIO, the individual selected for this position will be responsible for defining and implementing Esri’s global security strategy and security architecture. The successful candidate will guide all aspects of our security program, with direct oversight of the Corporate Information Security team.

 

The Corporate Information Security team covers the following areas:

  • Enterprise Information security assurance
    • Policy, compliance, and security audits
    • Vulnerability and security assessments, including testing, of our infrastructure, internal applications, and solution offerings
    • Security awareness employee training
  • Security architecture, engineering, and operations
    • Design of network and compute solutions appropriate to the workload
    • Security network operations
    • Monitoring, traffic analysis, and incident response

Your mission will be to architect, implement, and continuously improve a secure yet flexible environment that allows Esri staff to build, sell, and support great software and solutions.

Requirements

  • Develop and implement the security strategy, including objectives, architecture, information access model, budget, schedule, staffing, and vendor engagement
  • Represent the security program externally with customers, prospects, and partners, and internally with employees
  • Collaborate with the Development and Professional Services teams to integrate security requirements into the product roadmap
  • Ensure that Esri solution and service offerings meet industry and government security and privacy standards by implementing and testing the ISO 27001/2 framework, and by meeting requirements for NIST 800-171, FISMA/FedRAMP, SSAE 16, GDPR, and ITAR compliance
  • Review internal application design and assist IST application teams in building a sound security framework
  • Collaborate with Facilities and HR on physical security, workplace safety matters, and personnel security
  • Facilitate remediation from audit findings or security incidents
  • Educate team members through periodic communications and in-person training
  • Manage relationships with security vendor partners

Requirements:

  • A 10+ year track record of progressive experience in network and information security and risk management
  • Experience designing, implementing, and leading security and risk management programs
  • A solid technical background, with strong knowledge of cloud security models and controls
  • A working knowledge of security testing and auditing, intrusion detection, SIEM, NAC, and other state-of-the art security tools
  • The ability to evaluate and manage security service and product vendors at scale
  • Outstanding communication, interpersonal, and relationship-building skills; the ability to work well in a cross-functional, matrix-management environment
  • An organized, responsive, and engaged problem-solving mindset and approach
  • CISSP, CISA, CISM, CHFI, GISP, GCFA, GCED, GCIA or similar industry-standard certifications
  • US citizenship and ability and willingness to obtain a security clearance
  • Bachelor's in computer science or equivalent

Recommended Qualifications:

  • Experience with the ITIL framework, SSAE16, and NIST 800-171/FISMA/FedRAMP

The Company

Our passion for improving quality of life through geography is at the heart of everything we do. Esri’s geographic information system (GIS) technology inspires and enables governments, universities, and businesses worldwide to save money, lives, and our environment through a deeper understanding of the changing world around them.

 

Carefully managed growth and zero debt give Esri stability that is uncommon in today's volatile business world. Privately held, we offer exceptional benefits, competitive salaries, 401(k) and profit-sharing programs, opportunities for personal and professional growth, and much more.

 

Esri is an equal opportunity employer (EOE) and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.