US Chief Information Security Officer

Location: WayneThe US Regional CISO shall understand and manage DLL’s cyber and information security posture and risk exposure while educating the business on US regulatory requirements related to information security, alignment with EU requirements and DLL policies, and setting appropriate standards and metrics for the US operation.This role requires a deep understanding of cybersecurity principles and frameworks, regulatory compliance (especially US), risk management, and effective leadership to safeguard the organization against cyber threats.Key responsibilities will be to translate cyber security US regulatory requirements, with consultation with Legal and other stakeholders, into the business, drive proactive compliance with industry regulations related to information security, ensure ongoing risk and compliance assessments, oversee evaluation of appropriate security controls, develop, implement, and monitor local policies and standards, raise security awareness, develop, maintain, and conduct training programs, and facilitate incident response program when needed.The role may also be involved in project and product development consultation, other business operations with cyber and information security impact, and incident response program management.This is a leadership and senior advisory role to the US Leadership Team, DLL global teams, and relevant Global Business Unit members. This requires the ability to clearly communicate, create clarity and structure in the strategic, operational, and external aspects of DLL.The CISO will be based in the United States (with strong preference for Wayne, Pennsylvania) and will report directly to the Chief Risk Officer.Day to Day• Protect US Region organization and assets against cyber threats and security breaches.• Establish and maintain US Regional information security program, policies, standards and guidelines, in alignment with the existing global program and addressing specific US region requirements where needed.• Set goals and objectives for the US organization and its Cyber security posture.• Drive compliance with local requirements.• Keep abreast of the latest security and privacy legislation, regulations, advisories, alerts and vulnerabilities, with a focus on managing US regulatory change towards compliance.• Set standards on quality assurance monitoring to achieve and maintain policy and regulatory compliance.• Drive security awareness and training for the US Region organization, including senior management and relevant boards.• Oversee Regional governance practices related to information security.• Drive alignment with Global Policies and across functions.• Facilitate global connection and alignment (policy/regulatory requirements/etc.).• Oversee the translation and implementation of global policy requirements in the US Region.• Work closely with other business groups and stakeholders, including Legal, Compliance, Audit and Risk, ensuring the protection of information and assets including data, systems, databases, networks, and other resources.• Partner with and enable first line of responsibility, while ensuring objectivity and independence.• Provide effective functional guidance to the US business to assess and prioritize security risks.• Serve as a subject matter expert, provide architecture guidance across cybersecurity functional areas including Network, Endpoints, Cloud, Identity & Access Management, Data Encryption & Protection, Logging, Application & APIs, Customer and Vendor B2B, Product Cybersecurity, Operational Threat/Manufacturing, IoT and AI/ML.• Partner closely with IT delivery leadership and system owners on risk mitigation steps.• Oversee and/or advise on timely mitigation of vulnerabilities and security gaps.• Oversee/help direct response to information security incidents, data breaches, and in general with the business continuity program.• Provide transparent view of US Region cyber security posture and exposures.• Develop security metrics and information requirements for reporting to senior management and boards on information security and cybersecurity risks and mitigation progress.• Facilitate IT/Cyber Security risk assessments, via ongoing risk assessment program targeting information security, cybersecurity, and privacy matters.• Conduct control assessments and ensure security controls align with risk tolerance.All members enjoy:• Two working days per year volunteering for a local charity.• Health and Wellness program including healthy food, free health checks, fun health & vitality activities.• Flexible hours with possibility to work from home.• Check this link to an overview of all benefits in your region.Minimum Qualifications:• Bachelor's degree in relevant domain, with specialization in Information Security or equivalent field; risk management and/or audit experience is a plus.• At least 10 years of work experience in banking or financial services industry.• Minimum of 7 years of experience in Information / Cyber Security field.• Data and quality driven and results oriented.• Excellent…