Executive, Chief Information Security Officer (CISO)
Description:
At CoreLogic, we are driven by a single mission—to make the property industry faster, smarter, and more people-centric. CoreLogic is the trusted source for property intelligence, with unmatched precision, depth, breadth, and insights across the entire ecosystem. Our talented team of 5,000 employees globally uses our network, scale, connectivity and technology to drive the largest asset class in the world. Join us as we work toward our vision of fueling a thriving global property ecosystem and a more resilient society.
CoreLogic is committed to cultivating a diverse and inclusive work culture that inspires innovation and bold thinking; it's a place where you can collaborate, feel valued, develop skills and directly impact the real estate economy. We know our people are our greatest asset. At CoreLogic, you can be yourself, lift people up and make an impact. By putting clients first and continuously innovating, we're working together to set the pace for unlocking new possibilities that better serve the property industry.
Job Description:
CoreLogic is an innovative, future focused company whose vision is to deliver unique property-level insights that powers the global real estate economy.
We are evolving at a rapid pace and the clients we serve are challenged from every direction, which means we are growing and innovating to help drive their success. Differentiated by our superior data, analytics, and data-enabled solutions, we empower our clients to make smarter business decisions. We take initiative, are fully accountable, build respect and trust, and make transparency a must.
We take pride in our work and believe in cultivating an environment that supports and values our greatest asset: our talented employees. At CoreLogic, we engage, include and collaborate at every turn.
CoreLogic is actively looking for a Chief Information Security Officer (CISO) to lead the Company’s information security team as we advance our technology offerings and contend with an increasingly complex threat environment. The CISO will be responsible for implementing and running the enterprise information security program globally. That will involve identifying, evaluating and reporting on legal and regulatory, IT, and cybersecurity risk to information assets, while supporting and advancing business objectives. This position reports to the Chief Legal Officer (CLO) of CoreLogic.
The CISO position requires a visionary leader with sound knowledge of business management and a working knowledge of cybersecurity technologies covering the corporate network as well as the broader digital ecosystem. The CISO is responsible for establishing and maintaining the information security program to ensure that information assets and associated technology, applications, systems, infrastructure, and processes are protected in the digital ecosystem in which we operate. A key element of this role is working with executive management to determine acceptable levels of risk for the organization. The CISO should understand and articulate the impact of cybersecurity on business and be able to communicate this to senior stakeholders.
Key Responsibilities:
Assess the current state cyber organization including people, processes, and technology.
Establish a strategic road map based on prioritized areas of risk to evolve the Company’s information security posture from reactive to proactive.
Implement target milestones and metrics to measure performance. Communicate progress, roadblocks and challenges to the board and key stakeholders.
Update and educate the board and executive leadership team on current cyber threats, issues, and risks; provide regular status updates on initiatives and operations.
Engage and align with technology and business partners to drive a comprehensive information security strategy and ensure information assets and technologies are appropriately protected.
Partner with business stakeholders across the Company to raise awareness of risk management concerns
Engage with clients as needed to address risk management concerns and questions
Support the overall business technology planning, providing a current knowledge and future vision of technology, systems, data and how to ensure a secure environment.
Collaborate across business lines; empowering business leaders to take ownership and accountability for risk appetite within respective businesses, and necessary information security practices to ensure protection of business activities.
Understand and interact with related disciplines, either directly or through committees, to ensure the consistent application of policies and standards across all technology projects, systems, and services, including privacy, risk management, compliance, and business continuity management
Coordinate with legal and compliance organization to ensure compliance with relevant legal requirements regarding protection of consumer, employee, and customer data
Coordinate with legal and compliance organization to develop and update information security policies, procedures and standards
As the company continues migration to the cloud, partner with technology to implement modern security standards, specifically related to application development and delivery.
Drive adoption and optimization of cyber tool sets for a streamlined user experience – implement appropriate controls while identifying opportunity for automation across the stack.
Provide due diligence and support for business expansion activity
Maintain relationships and connectivity to industry peers and relevant threat intelligence sources and regulatory agencies to collaborate and stay abreast of cyber events or topics
Provides clear risk mitigating directives for projects with components in IT, including the mandatory application of controls
Develop, mentor, and manage a motivated staff of information security professionals, including hiring, training, development, and performance management.
Recruit, lead and inspire a global cybersecurity team.
Job Qualifications:
Requirements:
15+ Years of demonstrated experience and success in senior leadership roles in risk management, information security, and IT Infrastructure
Master’s Degree in business administration or a technology-related field, or equivalent work- or education-related experience
Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other similar credentials
Experience successfully executing programs that meet the objectives of excellence in a dynamic business environment
Experience with contract and vendor negotiations
Knowledge and understanding of relevant legal and regulatory requirements, such as: Sarbanes-Oxley (SOX), the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CPPA) and similar state data protection laws, Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard
Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework
Sound knowledge of business management and a working knowledge of information security risk management and cybersecurity technologies
Up-to-date knowledge of methodologies and trends in both business and IT
Travel is anticipated up to 25% of work time
Knowledge and Skills:
Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences
Strategic leader and builder of both vision and bridges, and able to energize the appropriate teams in the organization
Ability to lead and motivate the information security team to achieve tactical and strategic goals, even when only "dotted line" reporting lines exist
Excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
Project management skills: financial/budget management, scheduling and resource management
Annual Pay Range:165,600 - 250,000 USD
CoreLogic benefits information can be found here: Qualifications, locations and experience of the individual ultimately selected for the position may impact the final actual offered compensation, which may vary from any posted range.
CoreLogic's Diversity Commitment:
CoreLogic is fully committed to employing a diverse workforce and creating an inclusive work environment that embraces everyone’s unique contributions, experiences and values. We offer an empowered work environment that encourages creativity, initiative and professional growth and provides a competitive salary and benefits package. We are better together when we support and recognize our differences.
EOE AA M/F/Veteran/Disability:
CoreLogic is an Equal Opportunity/Affirmative Action employer committed to attracting and retaining the best-qualified people available, without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability or status as a veteran of the Armed Forces, or any other basis protected by federal, state or local law. CoreLogic maintains a Drug-Free Workplace.
Please apply on our website for consideration.
Privacy Policy -
By providing your telephone number, you agree to receive automated (SMS) text messages at that number from CoreLogic regarding all matters related to your application and, if you are hired, your employment and company business. Message & data rates may apply. You can opt out at any time by responding STOP or UNSUBSCRIBING and will automatically be opted out company-wide.
Connect with us on social media! Click on the quicklinks below to find out more about our company and associates.
REQ12101