Chief Information Security Officer

    • New York, NY

SiriusXM and Pandora have joined together to create the leading audio entertainment company in the U.S. Together, we are uniquely positioned to lead a new era of audio entertainment by delivering the most compelling subscription and ad-supported audio experiences to millions of listeners -- in the car, at home and on the go. Our talent, content, technology and innovation continue to be at the forefront, and we want you to be a part of it! Check out our current openings below and at www.siriusxm.com/careers.

Position Summary:

SiriusXM is seeking a Chief information Security Officer (CISO) to protect its customers and brand against an evolving and sophisticated set of global threat actors. 

SiriusXM has built its reputation as the world’s largest audio entertainment company and the premier programmer and platform for subscription and advertising-supported audio products, not only by offering high quality at competitive prices, but also by its ability to secure and protect the data assets of its customers, the company and its shareholders. The CISO will be entrusted to define the standard of protection and security for today’s SiriusXM – a company with complex operations across multiple businesses around the world, facing a formidable array of risks and threats to its customers’ data, its assets – physical and digital – and, therefore, its brand.

Duties and Responsibilities:

The CISO will have end-to-end accountability for leading the enterprise information security program, including enterprise IT security, compliance-related activities, broadcast and product security in support of SiriusXM’s diverse businesses. Leveraging leading-edge technology and engineering practices, this leader will bring together software engineering, infrastructure and security disciplines to establish the vision, strategy and architecture to ensure a scalable, flexible and highly resilient technology platform for SiriusXM and its customers across North America. The person in this role will find ways of delivering on this vision without impeding the brand’s best-in-class customer service, pace of modernization or appetite for innovation.

Supervisory Responsibilities:

  • The CISO will lead a security team of more than 25 employees and contract resources, and manage an operating budget in excess of $8M.
  • The CISO should have a balance of strategic leadership and vision, with a passion for being "hands-on" in leading technology – particularly in the areas of data, cloud and security. It is critical for the CISO to possess a track record of successful transformation to establish credibility within the organization.

Minimum Qualifications:

The ideal candidate should be both a teacher and a learner, capable of introducing creativity and leading-edge engineering thinking, while simultaneously demonstrating the humility and willingness to collaborate and learn from the existing organization. SiriusXM requires the CISO to have extensive leadership experience, and to have operated in environments with at least a comparable complexity of threat vectors to SiriusXM

  • Modern and meaningful technical depth - Depth in modern technology stacks, specifically infrastructure, software engineering, data and analytics, and cloud – both public and “hybrid” models.
  • Domain expertise - Preferably, 15+ years in high-volume digital environments with complex security, operational and regulatory requirements. 
  • Has 10+ years of experience leading information security in a complex, global, regulated enterprise and possesses a strong understanding of data privacy and protection.  Large-scale eCommerce, retail, financial services or “high-tech” experience a plus. 
  • Demonstrated track record of information security transformation - A thought leader in the delivery of innovative cyber and risk management solutions through both engineering prowess and security rigor.
  • Understands the balance and nuances required to modernize information security capabilities in a hybrid technology environment with both legacy and modern technology practices and resources.

Requirements and General Skills:

  • A Bachelor’s Degree in a technical field (engineering, computer science, mathematics, statistics, management information systems, operations research, etc.) is required.
  • M.S. or M.B.A. is strongly preferred. 
  • Appropriate certifications in IT Cybersecurity is necessary.
  • Experience leading a global information security program.                                                                                             
  • Has managed a team of at least 25 cybersecurity professionals, with potential to scale significantly beyond that.
  • Good public speaking and presentation skills.
  • Interpersonal skills and ability to interact and work with staff at all levels.
  • Excellent written and verbal communication skills.
  • Ability to work independently and in a team environment.
  • Ability to pay attention to details and be organized.
  • Ability to project professionalism over the phone and in person.
  • Ability to handle multiple tasks in a fast-paced environment.
  • Commitment to “internal client” and customer service principles.
  • Willingness to take initiative and to follow through on projects.
  • Excellent time management skills, with the ability to prioritize and multi-task, and work under shifting deadlines in a fast-paced environment.
  • Must have legal right to work in the U.S.

Technical Skills:

  • Thorough knowledge of MS-Office Suite (Word, Excel, PowerPoint, Access).

Our goal at SiriusXM+Pandora is to provide and maintain a work environment that fosters mutual respect, professionalism and cooperation. SiriusXM+Pandora is an equal opportunity employer that does not discriminate on the basis of actual or perceived race, creed, color, religion, national origin, ancestry, alienage or citizenship status, age, disability or handicap, sex, gender identity, marital status, familial status, veteran status, sexual orientation or any other characteristic protected by applicable federal, state or local laws.

The requirements and duties described above may be modified or waived by the Company in its sole discretion without notice.


Back to top