This job might no longer be available.

Chief Information Security Officer

Position Intro

Linden Research, Inc. dba Linden Lab develops platforms that empower people to create, share, and benefit from virtual experiences. Founded in 1999, the company first launched Second Life, the groundbreaking virtual world enjoyed by millions around the globe, in 2003, which has since gone on to boast nearly two billion user creations and a vibrant $500 million (USD) economy.

Tilia Inc. is a wholly-owned subsidiary of Linden Research, Inc., and a licensed money transmitter in the U.S. Tilia enables publishers of video games and virtual worlds to create in-world economies and monetize user interaction. Built from the ground up to be robust, flexible, and secure, Tilia Pay powers virtual economies of leading and cutting-edge publishers with hundreds of millions of dollars in circulation.

Primary Functions

The Chief Information Security Officer (CISO) will serve as the strategic leader and process owner of a comprehensive enterprise information security program to ensure the availability, integrity, and protection of the customer, business partner, associate, and business information assets and technologies. The position is responsible for establishing and maintaining a corporate-wide information security program to protect information assets, including developing an appropriate cybersecurity posture and proper business and disaster recovery protocols.

The CISO is responsible for communicating and working with executive management and the board to determine acceptable levels of risk for the organization that protects its assets and supports business outcomes. The CISO will provide advice and guidance to management to enable leaders to make sound business decisions and serve as an internal resource concerning various external reporting matters. The CISO will manage the Information Security Team and exercise a manager's customary authority concerning staffing, coaching, performance management, promotions, salary recommendations, and terminations.

Responsibilities

• Provide leadership to the company’s information security team by evaluating the IT threat landscape, devising cybersecurity policy and controls to reduce risk, leading auditing and compliance initiatives.
• Develop, implement, and monitor a strategic, comprehensive enterprise information security, cybersecurity, vendor risk management, and disaster recovery/business continuity framework and ongoing program.
• Develop, implement, and monitor disaster recovery and business continuity planning creating cyber resiliency so the company can rapidly recover from hacking, security incidents or infringements.
• Work directly with executive management, the Board of Directors, and the business to facilitate risk assessment and risk management processes.
• Understand and interact with related disciplines to ensure the consistent application of policies and standards across all technology projects, systems and services.
• Partner with business stakeholders across the company to raise awareness of cybersecurity risks.
• Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems.
• Work with vendor management to ensure that information security requirements are included in contracts to manage third party risk.
• Create and manage a targeted information security awareness training program for all employees, contractors and approved system users, and establish metrics to measure the effectiveness of this program for different audiences.
• Liaise with external agencies including state regulatory agencies, federal government agencies, law enforcement and other advisory and/or regulatory bodies to maintain a strong security posture and stay abreast of the relevant threats.
• Partner with the Engineering team to develop security architecture standards and to ensure alignment between security and the company’s architecture framework as a whole.
• Support our culture of engagement and forge relationships among peers, as well as with other areas of the company. While given broad latitude with making decisions relative to their roles and primary responsibilities, they will plan and carry out the work in accordance with previous experience, organizational priorities and by exercising good judgement.

Knowledge, Skills, Abilities

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Professional security management certifications, including but not limited to CISSP, CCISO and CGEIT.
• Knowledge of common information security management frameworks, such as ISO/IEC 27001 and NIST.
• Experience in Agile software development or other best in class development practices.
• Experience with Cloud computing/Elastic computing across virtualized environments.
• Previous experience with contract and vendor negotiations and management.
• Must demonstrate innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams.
• Must have excellent problem solving abilities, including weighing business opportunities against security risks that can potentially compromise long-term financial and strategic outcomes.
• Excellent written and verbal skills and high level of personal integrity.

Education

• Bachelor’s degree in Business Administration or Information Technology related field of study or equivalent experience and industry recognized security certification such as CISSP, CCISO, or CGEIT.

Experience

• Must have 10+ years of Information Security experience, preferably in Financial Service Industry.
• Must have 5+ years experience leading and developing a team.

Travel Requirements

No travel required.

Physical Demands & Work Environment

The physical demands and work environment described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is regularly required to use the computer and communicate with coworkers in an office environment. The employee frequently is required to stand or sit to complete work and may occasionally lift and/or move up to 10 pounds.

Linden Lab seeks to maintain a diverse and welcoming workplace; therefore candidates from all backgrounds are encouraged to apply.

Fine Print :

The statements herein are intended to describe the general nature and level of work being performed by employees in this job. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.