AVP, Deputy Chief Information Security Officer

AVP, Deputy Chief Information Security OfficerJoin to apply for the AVP, Deputy Chief Information Security Officer role at JM Family Enterprises, Inc.As a strategic leader at JM Family Enterprises, the Deputy Chief Information Security Officer (Deputy CISO) plays a critical role in aligning business unit IT priorities with enterprise security and platform capabilities. Reporting directly to the Chief Information Security Officer (CISO), this role serves as a bridge between technical teams and business stakeholders, ensuring secure, scalable, and cost-effective solutions are delivered across the organization. The Deputy CISO will drive cross-functional collaboration, governance, and oversight to uphold our security standards and enable innovation.ResponsibilitiesBuild, inspire, and lead a high-performing, multidisciplinary security teamServe as principal deputy to the CISO, assuming leadership in their absenceCollaborate closely with the CISO to manage and execute the enterprise security strategyPartner with BU IT leaders to ensure ERP, CRM, HCM, and SaaS platforms are secure and effectiveLead the enterprise Application Security program, including secure coding, application scanning, penetration testing, and secure architecture reviewsOversee application security and enablement program across custom, SaaS, and packaged applicationsLead the secure enablement of enterprise-wide IT initiatives, including ERP/CRM implementations, cloud migrations, digital transformation, and infrastructure modernizationDrive secure adoption and transformation of enterprise platforms (ex. Oracle, Salesforce, Workday, ServiceNow, industry-specific apps)Enable DevSecOps practices for enterprise application teams, embedding automated security checks into application delivery pipelinesPartner with application owners and business leaders to ensure security is a business enabler, not a blocker, to transformation initiativesChampion secure user experience and adoption of enterprise platformsMonitor and manage risks associated with enterprise applications and integrationsLead strategic planning and adopt global cybersecurity best practicesDevelop, implement, and maintain the organization’s information security programDrive enterprise-wide information security risk management and mitigationEnsure compliance with regulatory, industry, and contractual security standards (SOX, PCI DSS, HIPAA, GDPR, ISO, NIST)Oversee third-party/vendor risk management and due diligencePartner with executive and business unit leaders to integrate cybersecurity into decision-makingEmbed “security by design” into digital transformation, cloud, and emerging tech initiativesPromote a culture of security through training, simulations, and awareness campaignsDevelop future cybersecurity leaders and support succession planningAlign business demand with platform capabilities and delivery feasibilityEscalate unresolved platform or security design issues as appropriateCollaborate with Internal Audit, Legal, and Compliance to ensure audit readinessEnsure BU IT programs and services meet business expectationsDevelop executive-level reporting and metrics to demonstrate business enablementQualificationsBachelor's Degree in Computer Science, Information Security, or related field (Master’s preferred)15+ years of experience in Information Security and/or Application Development including 7+ years leading Information Security at the executive level in cloud-native or high-scale technology environmentsProven track record managing end-to-end software/application development lifecyclesRelevant industry certifications (CISSP, CISM, CRISC) are preferredProven track record managing budgets totaling $20 million+, showcasing financial acumen in IT operationsDeep understanding of technical architecture patterns and platform constraintsProven working knowledge of cybersecurity principles, IAM, and other non-functional requirementsStrong Understanding of Application Development LifecycleDemonstrated effectiveness in establishing standards and best practices for Agile development, DevSecOps, CI/CD pipelines, and test automationExperience driving cloud-native development, SaaS adoption, and enterprise modernizationProven track record enabling enterprise application solutions (ERP, CRM, HR, Finance, Supply Chain, Digital Platforms)Deep knowledge of application development methodologies (Agile, SAFe, DevSecOps)Strong understanding of enterprise architecture, integration, and data platformsAbility to interpret, assess, and validate complex technical solution proposalsDeep understanding of current and emerging cyber threats, attack vectors, and risk mitigation strategiesLeadership and effective communication skills, with a strong ability to analyze and problem resolution; self-motivated and results-drivenDemonstrated effectiveness as a leader for staff management, development, and mentorshipStrong business acumen with ability to translate security concepts into business-relevant languageExceptional communication and influencing skills with senior leadershipDemonstrated ability to lead and inspire large, distributed teams across multiple disciplinesStrategic thinker with an execution mindset, balancing risk and enablementExperience managing technical intake and demand processes across enterprise environmentsStrong leadership in facilitating cross-functional technical trade-off discussions and decision-makingMust stay current with industry trends, threat intelligence, and emerging technologiesComfortable working in a fast-paced, highly visible role with enterprise-wide influenceCollaborates with Legal and Government Relations/Compliance teams to ensure compliance with relevant laws, regulations, and policiesThis job description may not be inclusive of all assigned duties, responsibilities, or aspects of the job described, and may be amended at any time at the sole discretion of JM Family. All work arrangements are subject to associate performance, business need and manager discretion, and may be revised as necessary.JM FAMILY IS PROUD TO BE AN EQUAL OPPORTUNITY EMPLOYERJM Family Enterprises, Inc. is an Equal Employment Opportunity employer. We are committed to recruiting, hiring, retaining, and promoting qualified associates without regard to age, race, religion, color, gender, sex (including pregnancy, childbirth and related medical conditions), sexual orientation, gender identity, gender expression, mental or physical disability, national origin, marital status, citizenship, military status, genetic information, veteran status, or any other characteristic protected by federal, state, provincial, or local law.DISABILITY ACCOMMODATIONSIf you have a disability and require a reasonable accommodation to complete the job application process, please contact JM Family’s Talent Acquisition department at for assistance. If you have an accommodation request for one of our recruiting events, please notify us at least 72 hours prior so that we may provide assistance.Seniority level: ExecutiveEmployment type: Full-timeJob function: Information TechnologyIndustries: Motor Vehicle Manufacturing #J-18808-Ljbffr

Created: 2025-09-17