FactSet Research Systems - New York, NY

posted 3 months ago

Full-time - Senior
New York, NY
10,001+ employees
Web Search Portals, Libraries, Archives, and Other Information Services

About the position

The Chief Information Security Officer (CISO) at FactSet Research Systems Inc. plays a pivotal role in safeguarding the company's information, digital assets, technology, and data. This position is responsible for developing, implementing, and leading a comprehensive cybersecurity program that encompasses policies, standards, and procedures designed to protect against unauthorized access, modification, or destruction of sensitive information. The CISO collaborates closely with senior management, including the Chief Technology Officer (CTO), and various business units to formulate a holistic information security strategy that aligns with FactSet's business objectives and adheres to regulatory requirements.

In this role, the CISO will oversee risk assessments, incident response protocols, data protection measures, and staff training programs aimed at enhancing information security awareness across the organization. The CISO is tasked with designing and implementing an enterprise-wide information security strategy that addresses contemporary challenges such as artificial intelligence, cloud security, data privacy, and international cybersecurity regulations, while effectively balancing risk, cost, and operational efficiency. This includes directing the development and enforcement of information protection policies, network and software security architectures, data handling procedures, and user access controls.

The CISO will also spearhead the Information Security Management System (ISMS) to ensure compliance with ISO/IEC 27001, GDPR, and other relevant standards. Regular security assessments, penetration tests, and tabletop exercises will be conducted to evaluate the effectiveness of security measures. The CISO will lead the organization's responses to IT security incidents, managing communications with stakeholders and external parties throughout the incident lifecycle.

Additionally, the CISO will collaborate with Human Resources to build a top-tier cybersecurity team and support their continuous development, while providing updates to the Board of Directors and executive management on the state of the information security program, emerging risks, and ongoing initiatives. Continuous updates to FactSet's security practices and policies will be necessary to accommodate new technologies and threats, particularly in areas such as Generative AI and machine learning.

Responsibilities

  • Design and oversee the implementation of an enterprise-wide information security strategy.
  • Direct the development and enforcement of information protection policies.
  • Spearhead the Information Security Management System (ISMS) and ensure alignment with ISO/IEC 27001, GDPR, and other relevant standards.
  • Conduct and oversee regular security assessments, penetration tests, and tabletop exercises.
  • Foster a culture of vigilance and security awareness across the organization.
  • Lead the organization's responses to IT security incidents from identification through to resolution.
  • Collaborate with HR to develop a top-tier cybersecurity team and support their continuous development.
  • Provide updates to the Board of Directors and executive management on the state of the information security program.
  • Continuously update FactSet's security practices and policies to accommodate new technologies and threats.
  • Serve as the primary contact for external auditors and help coordinate compliance activities.
  • Collaborate with GenAI development teams to integrate security best practices into AI models.
  • Stay abreast of emerging GenAI security threats and technologies.

Requirements

  • Proven leadership in IT and Information Security roles within a global organization, with at least 10 years of experience in security and technology.
  • At least 7 years in a senior leadership role with a strategic mindset and experience influencing organizational change.
  • Expertise in security frameworks and regulations such as ISO/IEC 27000 series, SOC 2, PCI-DSS, GDPR, and CCPA.
  • Experience with advanced persistent threats, cloud security strategies, data protection laws, and security in AI environments.
  • Strong understanding of network and system security technology and practices across all major computing areas.
  • Exceptional communication skills to articulate complex security risks and controls to non-technical stakeholders.
  • Robust project management skills, capable of driving complex projects with cross-functional teams.
  • Relevant certifications such as CISSP, CISM, CISA, or other recognized security professional certifications.
  • Experience with business continuity management and disaster recovery/incident response.
  • Experience providing strategic updates and information to the Board of Directors and executive management.
  • Strong understanding of cloud security and experience with cloud service providers.

Nice-to-haves

  • Experience in developing security strategies for AI technologies.
  • Familiarity with international cybersecurity regulations and compliance requirements.

Benefits

  • Flexible work accommodations to support work/life balance.
  • Career progression planning with a focus on career development.
  • Business Resource Groups that align with DE&I strategy.
  • Opportunities for networking and mentorship.
  • Participation in a global community dedicated to volunteerism and wellness.