Chief Information Security Officer


Resolution Life


PA-West Chester - Dunwoody Dr
Work From Home


Reporting to the Chief Information Officer (CIO), the Chief Information Security Officer (CISO) is responsible for enabling the business to operate securely and within regulatory requirements in a customer-centric, data-driven, AI-enabled, digital-first, and Agile insurance organization. The CISO will be accountable for driving information security governance and compliance, developing guidelines and policies, managing information security risks and overseeing the information security management organization. The CISO will be the Company’s top expert on security, including security engineering, security operations, cyber intelligence, and governance, risk & compliance (GRC), and will work closely with the organization’s Privacy Office on data protection matters and incident and breach response management. The CISO will have information and cyber security as a top-of-mind priority while enabling deployment of next-generation technologies (e.g., cloud, data analytics, AI). The CISO should also understand the Company’s business in depth to safeguard critical business processes while enabling the business to grow to meet its strategic objectives.

Profile Responsibilities

Information Security Risk Management

  • Define, measure, assess, and systematically prioritize the most complex and highest impact information security risks
  • Identify protection goals, objectives and metrics based on information security risks
  • Develop and implement effective strategies to mitigate information security risk
  • Serve as contact person for information security-related matters, including interfaces to the Company’s Risk, Audit, Compliance, Privacy, Information Governance, and business & technology operations.

Information Security Governance and Compliance

  • Develop and institutionalize specific information security guidelines and policies to meet operational and regulatory requirements
  • Enable the business and technology functions in a secure environment by supporting requirements for transformation
  • Lead the implementation of and compliance with company-wide standards and other regulatory requirements
  • Define and conduct trainings and awareness campaigns to educate the workforce

Manage security events and operations

  • Oversee and lead technology response to security events based on escalation criteria
  • Serve as the point of contact and escalation manager for C-suite, the Board, and other key stakeholders on security topics and requirements
  • Stay up to date with industry-wide security events and the evolving nature of cybersecurity risks, drawing on learnings from security incidents occurring in the industry
  • Continuously evolve Security Operations capabilities and tools to ensure the Company is leveraging emerging technologies and tools in an effective and efficient manner


  • Degree in Engineering, Business Administration or a technology-related field.
    • Master’s degree is a plus.
  • 15+ years of developing, implementing and successfully deploying security strategy and policies, covering end-to-end enterprise security, e.g., investigations and case-management, threat and intelligence analysis and remediation, crisis management and response, and data security.
  • Experienced in designing the secure deployment and monitoring of applications and infrastructure into public cloud services (strong preference for AWS).
  • Experience in working in a customer centric, fast paced, entrepreneurial, change friendly, Agile culture. Must be able to build collaborative relationships with leaders of mission-driven cross-functional Agile entities and other Risk & Control leaders across the organization to advance the information security mission and agenda.
  • Experience in enabling security solutions in an organization where the technology ecosystem is built on the principles of digital first, cloud only, event-driven architecture, data-driven integrations, and AI-enabled processing. Exposure to environments with a high degree of digital technology footprint and a high degree of regulatory requirements.
  • Intimate knowledge of innovative cyber security technologies, information security best practices, organizational security strategies, and management of security operations.

Please see complete list of qualifications online.


How to Apply:

Apply online



