Chief Information Security Officer

The Chief Information Security Officer (CISO) leads the Information Security function and is responsible for planning, implementing, and maintaining the information security program for the ASRC enterprise; works closely with senior leadership within the ASRC family of companies regarding information security threats and collaborates with others on cyber security risk matters, helping the company manage its information security risk. This includes the protection of applications and systems that support our internal business operations and delivery of our internal clients’ missions. The CISO provides strategic and tactical leadership to advance ASRC’s Information Security priorities and objectives by ensuring alignment with and achievement of business drivers and strategies and within our corporate risk profile. The CISO is required to be a hands-on visionary and experienced Information Security executive who has extensive experience in data security and risk management; has an excellent grasp of the cyber threat environment; senior leadership experience, and a track record of assisting organizations to make balanced and informed risk decisions. This position primarily works out of ASRC’s Tempe, Arizona offices with some travel required.

1. Serves as the face of Information Security, sets the tone, spurs enthusiasm, and ensures the enterprise’s readiness to execute and to sustain the Information Security strategy and program over the long term.
2. Develops and leads a highly capable Information Security function and team that provides timely visibility and accountability into progress including creates and maintains metrics-guided scorecards and dashboards to keep executive stakeholders apprised of business cybersecurity health.
3. Works with CIO, business stakeholders, and the Information Technology department leadership to define and refine objectives and key results for the Information Security program, managing interdependencies and driving cross functional collaboration.
4. Leads the regular process of refreshing Information Security objectives and key results, working with the CIO, operations, and initiative sponsors.
5. Engages with business partners, customers, and other external stakeholders to ensure high value assets are identified, tracked, and prioritized in the application of cybersecurity programs and activities.
6. Provides strategic cross-functional leadership by integrating shared vision and strategies and highlighting and resolving interdependencies.
7. Develops and maintains key relationships including peer Information Technology leaders and key staff; Compliance, and Legal leaders, as well as with the operating group leadership.
8. Establish effective management routines to integrate workstreams, keep work on track, and to identify issues early enough to course correct, if needed.
9. Provide leadership on change management and communication plans, in coordination with our Corporate Communications team, to successfully move the enterprise to our desired state.
10. Develop and maintain contract / program cybersecurity monitoring capability that ensures secure delivery of services to our customers.
11. Develop and maintain Supply Chain Risk Management (SCRM).

Carry out managerial responsibilities in accordance with the organization's policies and applicable laws. Supervise all employees within the department. Responsibilities include: interviewing, hiring, disciplining, coaching and training, addressing and resolving employee concerns, planning, assigning, directing work and assessing job performance.

ASRC’s Core competencies include Leading Self, Leading People and Leading the Organization. In addition to our core competency model, our framework includes competencies specific to the various levels of positions within our company. For more information on our core competencies please contact the HR Department and reference the ASRC Leadership Framework.

Customer Focus

• Is dedicated to meeting the expectations and requirements of internal and external customers; gets first-hand customer information and uses it for improvements in products and services; acts with customers in mind; establishes and maintains effective relationships with customers and gains their trust and respect.

Drive for Results

• Can be counted on to exceed goals successfully; is constantly and consistently one of the top performers; very bottom-line oriented; steadfastly pushes self and others for results.  

Problem Solving

• Uses rigorous logic and methods to solve difficult problems with effective solutions; probes all fruitful sources for answers; can see hidden problems; is excellent at honest analysis; looks beyond the obvious and doesn't stop at the first answers.

Timely Decision Making

• Makes decisions in a timely manner, sometimes with incomplete information and under tight deadlines and pressure.

Delegation

• Trusts people to perform through clear delegation of both routine and important tasks and decisions.

1. Bachelor’s in Computer Science, IT, or another related field required. Additional experience may substitute for the degree on a year for year basis.
2. Five (5) years’ experience leading a team responsible for system installation, configuration, and analysis, or other related IT work required.
3. Experience supporting a service desk or help desk required.  
4. Knowledge of data protection operations and legislation (e.g., GDPR).
5. Exceptional leadership and organizational skills.
6. Established ability to contemporaneously and successfully manage multiple complex projects and other team members.

Ability to read and interpret documents such as safety rules, operating and maintenance instructions, legal regulations, contracts and procedure manuals. Ability to write routine reports and correspondence in a way that non-IT and non-security professionals understand the concepts. Ability to speak effectively before groups of employees or customers with varying levels of knowledge.

Ability to add, subtract, multiply, and divide in all units of measure, using whole numbers, common fractions, and decimals. Ability to compute rate, ratio, and percentages and to draw and interpret bar graphs. Ability to apply common sense understanding to carry out instructions furnished in written, oral, or diagram form.  Ability to deal with problems involving several concrete variables in standardized situations.

The physical demands described herein are representative of those that must be met by an employee to successfully perform the essential functions of this position.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is regularly required to talk or hear.  The employee is frequently required to sit; reach with hands and arms; and to use hands to finger, handle, or feel.  The employee is occasionally required to stand, walk, climb or balance.  The employee must frequently lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds.   Specific vision abilities required by this job includes the ability to adjust focus.

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

The work environment is in a busy office setting.  The noise level in the work environment is usually moderate. While performing the duties of this job, the employee may be occasionally exposed to outside weather conditions and may be required to travel in small and large commercial aircraft.

NOTE: This document does not create an employment contract, implied or otherwise. The statements contained herein are intended to describe the principal functions of this position, the level of knowledge and skill typically required, and the scope of responsibilities, but should not be considered an all-inclusive listing of work requirements.

ASRC is a drug free workplace and pre-employment drug testing is part of the hiring process.

ASRC and its family of companies are Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, national origin, religion, disability, protected veteran status or any other legal protected status. EOE: M|F|D|V Know Your Rights: Workplace Discrimination is Illegal

Arctic Slope Regional Corporation, an Inupiat-owned corporation created as a result of the Alaska Native Claims Settlement Act.

ASRC's family of companies apply a shareholder preference in employment, to the maximum extent feasible, as authorized by law.