SVP, Chief Information Security Officer

Description

Building trusted markets powered by our people.

At Cboe Global Markets, we inspire our people to solve complex challenges together because what we do matters. We provide the financial infrastructure that powers the global economy.

As a leading provider of market infrastructure and tradable products, Cboe delivers cutting-edge trading, clearing and investment solutions to market participants around the world.

We’re building inclusive ways to support professional and personal development while strengthening the trust we’ve earned as a global market leader.

Our teams are empowered to share ideas, actively pursue them and bring on a challenge. As champions of internal mobility and access to opportunity, we encourage our people to go for it and equip our managers with the training to coach their teams to the next level.

Our Associate Resource Groups champion diversity, equity and inclusion, giving associates a safe space to network, share ideas and create opportunities.

Reporting to the Chief Risk Officer within the Risk Management and Information Security Department, this senior-level executive is responsible forestablishing and maintaining Cboe’s comprehensive information security strategy and program to ensure our information assets and technologies are adequately protected.

The CISO leadsthe global Information Security teamthat is responsible foridentifying, developing, implementing, and maintaining processes, practices, and tools that mitigate information and technology risks throughout the global enterprise.

The CISO leads incident response efforts and develops, maintains, and monitors compliance with information security-related policies, procedures, and controls.

The CISO regularly provides reports regarding the status of the information security program to executive management, the CGM Board, the CGM Risk Committee, and subsidiary boards.

Responsibilities

Provide strategic leadership of Cboe’s information security program.

Promote collaborative, effective security working relationships across Cboe.

Implement Cboe’s information security program, including any special tasks or projects requested by regulators, senior management, or the CGM Risk Committee.

Develop an annual risk-based information security plan aligned with Cboe’s strategies, objectives, and risk profile, leveraging the enterprise risk management process, as appropriate, for purposes of optimizing resources.

Take reasonable steps to guard against loss or compromise of the Company’s critical, valuable, and sensitive information and to effectively detect, respond to, and recover from information security issues.

Escalate information security-related risks and risk events in accordance with requirements defined in the Incident Response Information Security Policy.

Chair the Security Council (a group of Risk Management and Information Security, Legal, Compliance, Internal Audit, Infrastructure, and Technology / Operations management that meets regularly to discuss and prioritize remediation of information security-related issues and incidents).

Complete periodic information security-related risk analyses and risk mitigation processes.

Select and implement information security threat mitigation strategies and safeguards.

Respond thoroughly and effectively to exam requests from regulators and audit requests from the Internal Audit Department.

Ensure cyber-related public company reporting requirements are fulfilled.

Provide reports to relevant boards and committees of the boards on information security program status and material matters related to the program.

Assess the sufficiency of information security resources and report, as necessary, on any resource limitations or need for additional resources.

Work in conjunction with the Compliance Department to develop and oversee Cboe’s provision of information security awareness training to its associates.

Implement professional development plans for all members of the Information Security team.

Qualifications

Bachelor’s degree in computer science, engineering, mathematics or a related discipline. Master’s degree is a plus.

15+ years of proven experience with increasing responsibilities in information security.

Prior CISO experience, preferably for a global, public company.

Highly technical information security background with a hands-on leadership style.

Strong understanding of common industry control frameworks (including NIST SP 800 series).

Strong background in financial services and experience in working with regulators.

Experience managing a global team with 24x7 operations.

Ability to manage multiple projects simultaneously and appropriately prioritize demands.

Ability to work with other leaders and balance security priorities with other business priorities.

Ability to grow leaders on the information security team.

Benefits and Perks

We value the total wellbeing of our people including health, financial, personal and social wellness. We believe standard benefits like health insurance and fair pay are a given at any organization.

Still, you should know we offer :

• Fair and competitive salary and incentive compensation packages with an upside for overachievement
• Generous paid time off, including vacation, personal days, sick days and annual community service days
• Flexible, hybrid work environment, where you choose where and how you work
• Health, dental and vision benefits, including access to telemedicine and mental health services
• 2 : 1 401(k) match, up to 8% match immediately upon hire
• Discounted Employee Stock Purchase Plan
• Tax Savings Accounts for health, dependent and transportation
• Employee referral bonus program
• Volunteer opportunities to help you give back to your communities

Some of our associates’ favorite benefits and perks include :

• Complimentary lunch, snacks and coffee in any Cboe office
• Paid Tuition assistance and education opportunities
• Generous charitable giving company match
• Paid parental leave and fertility benefits
• On-site gyms and discounts to other fitness centers
9 days ago