Chief Security Officer/Chief Information Security Officer
- Redlands, CA
Reporting to the CIO, the individual selected for this position will be responsible for defining and implementing Esri's global security strategy and security architecture. The successful candidate will guide all aspects of our security program with direct oversight of the corporate information security team, which covers the following areas:
- Enterprise information security assurance
- Policy, compliance, and security audits
- Vulnerability and security assessments, including testing of our infrastructure, internal applications, and solution offerings
- Security awareness employee training
- Security architecture, engineering, and operations
- Design of network and compute solutions appropriate to the workload
- Security network operations
- Monitoring, traffic analysis, and incident response
- Deliver on the mission to architect, implement, and continuously improve a secure yet flexible environment that allows Esri staff to build, sell, and support great software and solutions
- Develop and implement the security strategy, including objectives, architecture, information access model, budget, schedule, staffing, and vendor engagement
- Represent the security program externally with customers, prospects, and partners and internally with employees
- Collaborate with Development and Professional Services teams to integrate security requirements into the product roadmap, ensuring that Esri solution and service offerings meet industry and government security and privacy standards. We align to the ISO 27001/2 framework, NIST 800-171, FISMA/FedRAMP, SSAE 18, GDPR, CCPA, and ITAR.
- Review internal application design and assist IST application teams in building a sound security framework
- Collaborate with Facilities and HR on physical security, workplace safety matters, and personnel security
- Facilitate remediation from audit findings or security incidents
- Educate team members through periodic communications and in-person training
- Manage relationships with security vendor partners
- A 10+ year track record of progressive experience in network and information security and risk management
- Experience designing, implementing, and leading security and risk management programs
- A solid technical background with strong knowledge of cloud security models and controls
- Working knowledge of security testing and auditing, intrusion detection, SIEM, NAC, and other state-of-the art security tools
- The ability to evaluate and manage security service and product vendors at scale
- Outstanding communication, interpersonal, and relationship-building skills; the ability to work well in a cross-functional, matrix-management environment
- An organized, responsive, and engaged problem-solving mindset and approach
- CISSP, CISA, CISM, CHFI, GISP, GCFA, GCED, GCIA or similar industry-standard certifications
- US citizenship and ability and willingness to obtain a security clearance
- Bachelor's in computer science or equivalent
- Experience with the ITIL framework, SSAE 18, and NIST 800-171/FISMA/FedRAMP
Our passion for improving quality of life through geography is at the heart of everything we do. Esri's geographic information system (GIS) technology inspires and enables governments, universities, and businesses worldwide to save money, lives, and our environment through a deeper understanding of the changing world around them.
Carefully managed growth and zero debt give Esri stability that is uncommon in today's volatile business world. Privately held, we offer exceptional benefits, competitive salaries, 401(k) and profit-sharing programs, opportunities for personal and professional growth, and much more.
Esri is an equal opportunity employer (EOE) and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.
If you need a reasonable accommodation for any part of the employment process, please email email@example.com and let us know the nature of your request and your contact information. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this e-mail address.
Back to top