At Legal & General America, we aim to make a positive difference in the lives of our customers, partners, colleagues, and the communities in which they live.  As a recognized market leader of term life insurance, we’re working to transform our business through innovation and technology to provide products and solutions that help American families secure their financial futures.

We are a future-focused company, passionate about what we do and how we do it. This means working with pace and energy to reach our goals, and challenging ourselves to achieve more.  We strive to create a unique environment where balance between work and life is possible. Our employees' passion, dedication and hard work, as well as our career development opportunities, benefits, and employee activities contribute to our positive workplace culture.

The Chief Information Security Officer (CISO) is a senior leadership role with a primary focus on providing vision and leadership for all aspects of Information Security. This position serves as the trusted source of information, cyber security governance, and risk expertise for both IT and business functions, aligning with the organization's strategic objectives.

Information Security / Cyber Security

1. Develop and implement comprehensive enterprise information security strategies, programs, standards, and policies, ensuring protection against unauthorized access and use. Monitor and enforce policy compliance.
2. Implement and oversee the LGA’s cybersecurity program/framework, adhering to U.S. regulatory/compliance requirements and L&G Group reporting.
3. Evaluate recommendations for new information security/cloud technologies, providing formal feedback, and assessing countermeasures against emerging threats.
4. Monitor information security issues related to systems and workflows, ensuring internal security controls are effective and operational.
5. Collaborate with internal teams and IT partners to monitor and enhance controls against IT and information security incidents. Lead investigations and develop corrective action plans when incidents occur.
6. Review and provide feedback on annual penetration testing and vulnerability assessments, recommending additional testing/assessments/remediation as needed.
7. Conduct business-wide security reviews, oversee remediation plans, and promote security awareness through educational programs.
8. Present annual reports to the LGA Board of Directors on material cyber and security risks, mitigation factors, and other reports as needed.
9. Assess compliance with NYDFS Cybersecurity Regulations and other cybersecurity reporting requirements, maintaining evidence for annual certification.
10. Stay informed about relevant legislation, regulations, and best practices, monitoring IT and Information Security trends, and fostering a network of CISOs and security professionals in the Financial Services community

Risk Management 

1. Promote and embed a risk management culture across LGA, ensuring effective systems and controls to manage and mitigate information/data security risk.
2. Provide first-line support/steer for IT, Security, and LGA projects regarding information security.
3. Chair the Cybersecurity Steering Committee, fulfilling associated responsibilities outlined in the Committee’s Terms of Reference.
4. Conduct periodic risk assessments of the company’s information systems and report findings.
5. Oversee security due diligence of new systems, suppliers, and partners.
6. Ensure effective resolution of escalated and high-severity security incidents.
7. Complete all other projects/tasks as assigned.

Education

• BS, Information Systems; Cyber Security or Related Discipline.
• MBA and/or master’s degree preferred.

Experience/Knowledge

• 10+ years of Technology and/or Risk Management leadership with a specific focus on Information Security.
• Experience working with regulatory frameworks.
• Knowledge of information security frameworks and best practices such as NIST, ISO, COBIT, and COSO.
• Advanced knowledge of desktop, server, application, database, and network security principles for risk identification and analysis.

Skills

• Excellent written and verbal communication skills, effectively conveying security and risk-related concepts to technical and non-technical audiences.
• Strong interpersonal and collaborative skills.
• Proven experience in developing information security policies and procedures, successfully executing programs in a dynamic environment.
• Highly self-motivated and detail oriented.
• Proven creative, analytical, and problem-solving skills.
• Passion for excellence in infrastructure modernization, automation, and proactive monitoring.

Certifications (helpful but not required)

• CISM; CISA; CISSP

What’s in it for you?

The expected hiring compensation range for this position is $175,000 - 200,000 annually.

The total compensation package for this position may include other elements, such as a sign-on bonus, long term incentives, and annual bonuses.  This role is eligible to participate in the Legal & General America Annual Incentive Plan. The current target payment for the position is 37.5 - 40% of base salary, modified for corporate and individual performance. Bonuses are pro-rated based on start date.  This role has 20 vacation days and 10 sick days that are accrued on a bi-weekly basis. Employees also have 9 paid holidays throughout the calendar year.

We have a competitive compensation and benefits package focused on your overall wellbeing.  Employee benefits include health, life, and dental insurance; 401K with company match up to 6% as well as a pension package; generous time off; and wellbeing initiatives throughout the year (we like doing fun stuff).  We’re big on professional development and we’ll support and mentor you in your career progression and expect you to help us pay it forward by helping us develop tomorrow's leaders and growth-focused professionals. We value our teams and our communities and believe in giving back. Enjoy time off to volunteer for those causes that matter most to you!

If hired, employee will be in an “at-will position” and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors. The Company reserves the right to change benefits plans at any time.

We are an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, perform essential job functions, and receive other benefits and privileges of employment. Please contact us to request accommodation.