Chief Information Security Officer; CISO

Who We Are

Join a team that puts its People First! Since 1889, First American (NYSE: FAF) has held an unwavering belief in its people. They are passionate about what they do, and we are equally passionate about fostering an environment where all feel welcome, supported, and empowered to be innovative and reach their full potential. Our inclusive, people-first culture has earned our company numerous accolades, including being named to the Fortune 100 Best Companies to Work For® list for ten consecutive years.

We have also earned awards as a best place to work for women, diversity and LGBTQ+ employees, and have been included on more than 50 regional best places to work lists. First American will always strive to be a great place to work, for all. For more information, please visit

The Chief Information Security Officer (CISO) reports directly to the Chief Risk Officer and serves as the senior-most authority for enterprise cybersecurity, cyber risk governance, and operational resilience across a highly regulated financial services enterprise.

This executive will architect and lead a forward-looking, enterprise-wide security strategy designed to protect the confidentiality, integrity, and availability of corporate and client information assets. The mandate encompasses network security, endpoint and EDR capabilities, hybrid and multi‑cloud security, identity and privileged access management, application security and Dev Sec Ops  integration, governance and compliance, vulnerability management, security engineering, and 24x7 Security Operations.

This role is both strategic and operational - responsible for defining multi‑year Zero Trust architecture evolution while ensuring measurable improvements in threat detection, incident response, regulatory compliance, and enterprise resilience.

Security strategy must be deeply embedded within enterprise modernization, digital transformation, and cloud initiatives. The CISO will transition the organization from perimeter‑centric defenses toward identity‑centric and least‑privilege models, strengthen privileged access governance, advance micro‑segmentation, and implement continuous verification principles aligned to NIST CSF, ISO 27001, FFIEC, NYDFS, NAIC, HIPAA, PCI, FISMA, and SOX requirements.

The CISO serves as executive leader during material cyber events, coordinating cross‑functional crisis response across Legal, Risk, Compliance, Communications, and Business Operations. Regular tabletop exercises, resilience simulations, and regulatory examination leadership are core components of the role.

• Establish and execute a multi‑year Zero Trust architecture roadmap.
• Enhance identity‑centric controls and least‑privilege governance.
• Drive measurable improvements in MTTD and MTTR across Security Operations.
• Elevate regulatory defensibility and audit readiness.
• Embed security architecture within enterprise cloud and digital transformation initiatives.
• Strengthen business continuity, disaster recovery, and cyber resilience posture.
• Build leadership depth and high‑performance culture across the cybersecurity organization.

• The ideal candidate will bring 15+ years of progressive cybersecurity leadership experience.
• Ideally, the new CISO will have experience operating within a regulated industry such as insurance or financial services. Experience from other complex and regulated industries will also be considered.
• The successful executive will demonstrate:
• Experience leading organizations of 100+ cybersecurity professionals.
• Proven oversight of 24x7 Security Operations Centers and cyber defense teams.
• Deep expertise in Zero Trust architecture and identity‑driven security frameworks.
• Strong regulatory fluency across insurance and financial services control environments.
• Executive‑level crisis leadership during significant cyber incidents.
• Board‑level communication presence and risk articulation capability.
• Innate curiosity, able to see around corners, motivated by the desire to “know what we don’t yet know”.
• Anticipates risk and responds with proactive layered approaches to security.