IAA- Chief Information Security Officer (CISO) in Westchester, IL at KAR Global

Date Posted: 11/13/2019

Job Snapshot

Job Description



The Chief Information Security Officer (CISO) is the leader of Security, Risk and Privacy for IAA., driving both business and IT Security Strategy.  The CISO provides strategic Security, Privacy and Compliance leadership for IAA Business Units and subsidiaries on a global basis. Leads Operational compliance for standards and regulations for the organization including GDPR, SOC, NYDFS and others as appropriate. Drives opportunities to further secure assets and evaluate new and unforeseen threats.  Provides guidance for IT and Business on Security and Privacy related issues.  This position will work closely with Business and IT leaders to define and ensure ongoing adherence to IAA Information Security Policies and Standards.  Responsible for monthly reporting on Security KPIs and quarterly to the Risk Committee.

Job Duties/Responsibilities: 

  • Defining and leading overall Security & Privacy Strategy 
  • Driving Security & Privacy by design for business and IT systems
  • Monthly reporting on Security KPIs and quarterly to the Risk Committee
  • Protecting the intellectual property of the organization 
  • Directing Threat Modeling for IAA
  • Leading annual IT security assessment and penetration testing
  • Tracking the latest security innovations and keeps up on the latest technologies
  • Complying with regulations and compliance requirements
  • Driving security audits and risk assessments
  • Championing and educating the organization about the latest security strategies and technologies
  • Communicating with key business and IT leaders on security threats facing the business
  • Developing strategies to handle security incidents and trigger investigations
  • Implementing an effective process for the reporting of security incidents
  • Overseeing the investigation of reported security breaches
  • Driving the development and of security policies and strategies that are appropriate for the IAA business and customer base

Job Requirements: 

  • Understand and appropriately evaluate risk to the organization
  • Excellent analysis, presentation, writing and communication skills – providing verbal and written communication to both direct reports and senior management as well as other stakeholders
  • Work collaboratively across all business units within IAA (IT, Business, Operations, Marketing, etc.) to ensure existing and new processes/ technologies are secure
  • Practice and promote teamwork at all times 
  • Ability to balance business, information, data, application, technical, and solution architectures
  • Research, analyze, design, propose solutions that align business needs and security strategies
  • Analyze political (State, Federal & International), technology, industry, and market trends to determine potential impact on Information Security
  • Ability to manage several concurrent projects, prioritize demands and switch priorities effectively 
  • Previous experience with high level incident response
  • Experience in maintaining secure systems/networks and/or developing applications 
  • Previous experience in scripting languages such as powershell, python or other 
  • Education Experience: Bachelor's Level Degree 
  • Years of Related Experience: Over 10 Years
  • License/Certificate Required: No
  • Driver's License Required: No
  • Travel Requirements:25%
  • Age Requirement:18+

Preferred Skills: 

  • 15+ years of IT and 10+ years of Security experience 
  • Proven leadership of a high performing Security or Privacy team
  • Previous Board reporting experience
  • Track record of Public speaking, Industry leadership experience 
  • Security Certifications (such as CISSP, CISM, CISA, etc.) are strongly desired
  • Privacy Certifications (such as CIPM, CIPP) are strongly desired

In return for your excellent skills and abilities, we offer a benefits package including: health insurance, 401K, STD/LTD, Life Insurance/AD&D, paid holidays and vacations.

IAA is committed to providing equal employment opportunities regardless of race, creed, religion, color, sex, age, national origin, disability, sexual orientation, gender identity, genetic information, veteran status, citizenship status, or marital status.

IAA is a drug-free workplace. EOE