Chief Information Security Officer
Staples is hiring a Chief Information Security Officer (CISO) to lead security across the company, which includes the retail and B2B business units. As Staples embarks upon a digital transformation journey, the CISO is responsible for safeguarding the company’s most critical information and implementing modern security policies, practices, and technologies into the organization.
ROLE AND RESPONSIBILITIES
Reporting to Chief Information Officer Dave Spooner, the CISO has responsibilities in the following areas:
Executive Leadership – Serve as the lead security executive for Staples, responsible for leading an effective corporate-wide initiative and instilling a culture of security throughout the company. This will require close relationships with the Executive Chairman, CEO and executive leadership team.
Strategic Security Program – Create a strategic security roadmap outlining necessary resources and requirements, with leadership buy-in, to build and sustain a world-class security program inclusive of a SOC, a GRC program and strong I&AM policies. This role will be responsible for coordinating security strategy among different company departments, to include the business unit leaders, Engineering, Human Resources and Legal.
Technical Integration – The CISO will advise on and implement security technologies in a modern DevOps organization and integrate security into the CI/CD lifecycle. Cloud security is also a critical aspect of the cloud migration effort.
Communication & Coordination – The CISO will need to translate technical risks into interpretable organizational risks for a wide range of corporate audiences, including the Board and senior leadership.
Modern technologist and thinker. Vision for security matched by execution ability.
Views security as an enabler, not an inhibitor to innovation.
Inspired by transformation challenges and rewards.
Decisive leader who instills leadership into reports. Values team building; mentoring and training a team.
Strong interpersonal skills. Ability to connect with stakeholders and build strong relationships across a large corporation.
Clear and concise communicator.
Minimum 5 years of experience as a corporate CISO or security leadership with executive management responsibilities and digital transformation leadership or equivalent experiences.
Management of team size 50+.
Relevant experience across modern engineering/product teams or within technology organizations. Cloud security and DevSecOps expertise highly relevant.
Proven track record implementing the following programs: incident response, threat intelligence, DLP/DR/BCP, IAM, information privacy, SOC management, security architecture, security policy/advocacy and risk assessments.
Relevant compliance expertise for the industry, and familiarity with, or certifications including, ISO, SOX, CISSP, NIST, PCI.
Technical foundation (EE/CS degree or equivalent experience), but also a business mindset and an innate ability to translate technical vulnerabilities into broader organizational risks for senior leadership.
Superior written and verbal communication skills. Ability to serve broadly as a security advocate and authority.
Security industry connectivity to hire great talent and build a world-class team. Serve as an external security evangelist for the company.
Interested in joining the team? Check out our perks and benefits!
To apply for this job email your details to Staplestaffing@staples.com