Chief Information Security Officer

Job not on LinkedIn

🔥 0 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

JDPA LIMITED

WebsiteLinkedInAll Job Openings

- employees

🚗 Transport

☁️ SaaS

🤝 B2B

Transport • SaaS • B2B

JDPA LIMITED is a provider of data, analytics, and software solutions serving the automotive ecosystem and adjacent financial and insurance sectors. It offers vehicle valuations, market and retail intelligence, quality and customer-experience benchmarks, digital marketing and advisory services to OEMs, dealers, insurers and lenders. JDPA LIMITED combines proprietary customer and VIN data with advanced analytics and SaaS products to help clients improve product design, retail performance, risk management, and finance operations.

📋 Description

• Define and own the global cyber security strategy, aligned to business objectives and risk appetite. • Provide senior-level leadership and act as a trusted advisor to the CTO, Operating Team, Board Cybersecurity Committee, and senior leaders. • Lead global planning, budgeting, capability development, and vendor strategy for all security domains. • Promote a strong security culture across all regions, embedding secure behaviors and accountability. • Lead the design, implementation, operation, and continuous improvement of the Information Security Management System (ISMS). • Oversee global risk management, including risk assessments, control selection, and enterprise risk reporting. • Ensure compliance with global cyber security regulations and industry standards. • Lead the development and maintenance of global security policies, standards, and guidelines. • Oversee third-party and supply-chain security, including vendor assessments and due diligence. • Lead global Security Operations (SecOps), including monitoring, detection, threat intelligence, and vulnerability management. • Establish and mature global CSIRT/CSOC capabilities, ensuring 24/7 coverage where required. • Act as executive incident commander for major cyber events, ensuring effective response, communication, and recovery. • Define and oversee secure architecture, cloud security standards, and identity & access management (IAM). • Embed security into the software development lifecycle (SDLC), including secure coding, DevSecOps, and product security reviews. • Partner with Engineering and Technology teams to ensure secure design, encryption, and access controls across all platforms. • Act as the senior representative for cyber security with regulators, auditors, customers, and partners. • Oversee responses to customer and partner security assessments and due-diligence requests. • Monitor global regulatory developments and translate them into actionable controls and programs. • Lead and develop global teams across security operations, governance, risk, compliance, and resilience. • Build organizational capability, succession planning, and specialist talent pipelines. • Foster a collaborative, high-performance culture across regions and functions.

🎯 Requirements

• 10+ years of experience in information security, cybersecurity, with at least 5+ years in a senior leadership role • Proven track record of incident response leadership and crisis management. • Relevant certifications such as CISSP, CISM, CISA, ISO 27001 Lead Auditor • Experience leading large-scale enterprise security programs and managing global teams, including leaders of leaders. • Strong knowledge of modern enterprise security practices, including identity and access management, cloud security, endpoint security, DevSecOps, threat detection, and vulnerability management. • Understanding of emerging AI security risks and controls, including securing AI-enabled workflows and enterprise AI platforms. • Experience securing modern cloud and development environments across platforms such as AWS, Azure, or GCP. • Familiarity with modern security frameworks and standards such as NIST, ISO 27001, PCI, or OWASP. • Demonstrated ability to communicate complex security topics to executive leadership and nontechnical stakeholders. • Experience with risk management, compliance, and regulatory requirements relevant to enterprise software companies. • Strong business acumen, particularly in aligning security investments with financial and operational priorities.

🏖️ Benefits

• JD Power is committed to employing a diverse workforce • Qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, age, sexual orientation, gender identity, gender expression, veteran status, or disability. • Should you require accommodations during the recruitment and selection process, please reach out to [email protected]. • JD Power does not disclose your personal data to unauthorized third parties.