Vice President, CISO

The Vice President, Chief Information Security Officer (CISO) reports directly to the Senior Vice President, Chief Information Officer (CIO) and leads enterprise vision, strategy, and programs to protect information assets and technologies across global operations.

Core Responsibilities:

• Oversees cybersecurity governance, risk management, compliance, and incident response aligned with business objectives and regulatory requirements worldwide.
• Develops Enterprise IT Security and Risk Policies. Manages Vendor IT Risks, Global IT Risk/Security Services, and influences organizational security behavior.

This role is responsible for managing IT risks relating to Information Security, Business Continuity Planning, Crisis Management and Privacy/Compliance (globally). The role also directs the adoption and implementation of IT Policies and Procedures across the enterprise.

Critical Focus Areas:

SAP S/4 Hana Security;
Secures Enterprise S/4 Hana implementation across finance, manufacturing, and supply chain. Implements authorization frameworks, segregation of duties controls, and data protection strategies. Manages security architecture for cloud and hybrid SAP deployments. Ensures compliance with financial controls during ERP transformation.

Agentic AI Security;
Establishes security frameworks for autonomous AI agents across manufacturing, supply chain, and customer engagement. Manages risks related to AI autonomy, data access, and model integrity. Implements authentication, authorization, and activity monitoring controls. Addresses prompt injection, model poisoning, and adversarial attacks.

IT/OT Convergence and Manufacturing Security;
Secures operational technology environments across global plants. Protects industrial control systems, SCADA networks, and production technologies. Implements network segmentation between IT and OT. Manages cyber-physical security risks in manufacturing operations. Coordinates with plant operations and supply chain leadership.

Salesforce Platform Security;
Protects customer data and engagement platforms across B2B and B2C channels. Ensures compliance with global data privacy regulations.

Consumer Security and Brand Protection;
Partners with business functions on consumer data protection and privacy, digital commerce and payment security, brand protection and digital trust, connected product and IoT security.

Job Duties / Responsibilities may include, but are not limited to:

Cybersecurity Strategy and Governance:

• Develop and execute a global information security strategy aligned with corporate goals and industry best practices
• Provide strategic oversight for risk and strategies - dealing with potential risk through contingency planning and risk mitigation
• Develop/Align the IT risk and security strategy/roadmap to progress our security and risk processes/tools to improve critical business capabilities
• Oversee business continuity, mitigate risk and ensure compliancy through the existence of secure/sustainable IT security policies
• Set usage and security policies for information sharing on internal/external platforms

Leadership to Global IT Risk and Security Team:

• Responsible for the organizational development of direct/indirect reports and providing feedback
• Assure needed capabilities/skills are available to achieve planned results in collaboration with global Technology leaders
• Coach, mentor and empower team members to deliver results and become future leaders
• Perform managerial activities (i.e., performance management, associate development, team staffing, recognition plans, performance improvement plans, disciplinary actions and communication/enforcement of policies and procedures)

Educate the Global Organization:

• Educate global Business Unit Leaders and Service Managers on IT security policies
• Understand the trade-offs required to manage the different levels of IT risk tolerance/risk exposure across the organization and balance this with risk investments
• Educate Executive Leadership on cyber risks and create an information security awareness program with custom communication tools and campaigns for each business unit and integrated services group

• Serve as a strategic business partner for the global business continuity planning process across business units and the Integrated Services group.
• Provide IT security services (globally) that protect the company (at an acceptable level of risk) and promotes business growth.
• Advise executive leadership and the Board of Directors regarding emerging threats, risk posture.

Key Experience

• 14 or more years of experience in running the Information Security Office
  -Analyzing/Applying information security risk, risk management and privacy practices
• Senior security leadership experience in a global manufacturing or industrial operations with direct/indirect reports
• Relevant work experience (including consulting and general industry experience)
• Expert knowledge of national and interpersonal regulatory compliances and frameworks (e.g., ISO, COBIT, DPD, HIPPA and PCI DSS)
• Proven track…