Global Chief Information Security Officer

• Develop and execute a global, risk-based cybersecurity strategy and program aligned with Allied Universal’s business objectives
• Establish, communicate, and oversee governance of enterprise-wide cybersecurity policies, standards, and controls that are appropriate for the company’s diverse global operations
• Lead, mentor and manage Regional Cybersecurity Leaders to promote consistency, accountability, and operational effectiveness across all regions
• Define and monitor key risk indicators, cybersecurity metrics, and maturity objectives to inform executive decision-making and drive ongoing program improvement
• Oversee global monitoring, detection, and response capabilities that provide 24×7 visibility into potential cyber risks and support timely containment activities
• Identify and assess emerging threats, technologies, and vulnerabilities to support informed planning and risk mitigation efforts
• Provide recommendations regarding cybersecurity investments and resource allocation, helping prioritize efforts based on risk, business impact, and value
• Foster a culture of cybersecurity awareness, ownership, and accountability across all functions and geographies
• Coordinate, develop, and implement programs designed to train Allied Universal’s workforce regarding the company’s cybersecurity requirements, including applicable cybersecurity laws and requirements and responding to evolving cybersecurity threats
• Evaluate emerging threats and vulnerabilities, driving continuous improvement of the company’s cybersecurity posture as appropriate
• Direct recurring global cybersecurity risk assessments
• oversee associated cybersecurity risk management activities, including maintenance of a risk register, remediation tracking, and risk decisions
• Oversee periodic internal and external cybersecurity audits to verify adherence to policies, standards and regulatory requirements
• Report promptly on cybersecurity risks to relevant Allied Universal Leadership upon identifying risks that exceed tolerance levels
• Support compliance with regulatory requirements as well as any Allied Universal and customer contractual obligations for cyber security
• Remain current and knowledgeable regarding applicable cybersecurity laws and regulations, including laws and regulations applicable to government contractors
• Lead on various external cybersecurity initiatives, including compliance for protecting sensitive data such as responding to regulators and customer audits
• Direct and continuously improve the enterprise incident-response program, including playbooks, tabletop exercises, and post-incident reviews
• Lead cross-functional coordination with Legal, Technology, Operations, and Regional CIOs to contain and recover from major cyber incidents
• Oversee specialized incident-response and investigative resources for critical events
• Provide timely updates to the CEO, Global General Counsel, and Board on incident status, impact, and remediation progress
• Review and assess the effective deployment of cybersecurity technologies, tools and software by Allied Universal, third parties, and related vendors
• Coordinate and respond to various cybersecurity assessments, including, as required, certifications to process certain government-related data or other sensitive data
• Monitor and manage cybersecurity aspects of the third-party lifecycle and confirm that third parties’ cybersecurity practices align with Allied Universal’s cybersecurity risk tolerance
• Communicate/respond to requests regarding the effectiveness of Allied Universal’s cybersecurity program regarding third-party diligence, selection, and monitoring (e.g., insurance, debt financing, public accounting, initial public offering, etc.) in coordination with Allied Universal Leadership, including IT, Legal and Procurement
• Provide regular briefings to the CEO, Global General Counsel, and Board of Directors on cybersecurity posture, key risks, and, if applicable, major incidents.
• Communicate with internal and external stakeholders (including government and prime contractor customers) regarding Allied Universal’s cybersecurity program
• Prepare and present reports on Allied Universal’s cybersecurity posture to the CEO and Board of Directors, and other Allied Universal Leadership
• Partner with IT and Operations to ensure business-continuity and disaster-recovery programs incorporate cybersecurity risk considerations, are regularly tested, and effectively support enterprise resilience objectives

• Bachelor’s degree in computer science, Information Technology, cybersecurity, or a related field
• Minimum of fifteen (15) years of progressive experience in cybersecurity
• Minimum of seven (7) years in a senior management role in an information security function
• Experience in managing, responding to, and mitigating cyber incidents
• Experience or familiarity with government contracting and public and private company cybersecurity reporting requirements
• Hands-on cyber incident response coordination and oversight experience
• Expertise in risk-based frameworks (NIST CSF, ISO 27001, SOC 2, CMMC, NIST 800-171) and familiarity with applicable regulatory regimes (SEC, GDPR, state breach laws, etc.)
• Proven ability to engage with CEO, Board of Directors, and Executive Team on cybersecurity strategy and governance
• Ability to operate effectively as both strategist and practitioner, a player-coach who drives global cybersecurity direction while engaging hands-on to guide, mentor, and resolve complex technical and operational challenges
• Strong leadership skills as well as the ability to work and communicate (verbal, written, and interpersonal) effectively with other leadership and their teams
• An entrepreneurial and innovative mindset regarding cybersecurity development and operations
• A strong understanding of the business impact of cybersecurity policies, tools, and technologies, including leveraging existing assets and talent to efficiently manage cybersecurity spend

Recognized security certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), etc.

• Medical, dental, vision, supplemental income plan with a company match, basic life, AD&D, and disability insurance
• Eight paid holidays annually, five sick days, and four personal days
• Executive Flex Vacation Plan
• annual bonus, equity package