Office of the CISO Cybersecurity Strategy Lead

---

Job description

At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.

Summary

We are seeking an experienced and knowledgeable strategist to join Northwestern Mutual's Information Risk and Cybersecurity team. The ideal candidate will possess a strong background in cybersecurity strategy, risk assessment and industry best practices. The primary focus will be on developing and implementing security strategies, with a specific focus on implementation of Zero Trust frameworks. Exceptional strategic thinking, communication, and leadership skills are essential for success in this role.

Key Focus Areas Include

• Establishing and Developing Cybersecurity Strategies: Help develop a department-wide cybersecurity strategy, including a 3-5-year roadmap aligned with organizational goals, and implement Zero Trust frameworks to ensure a strong foundation for future security measures.

• Leveraging Industry Knowledge: Utilize industry best practices to inform and shape cybersecurity strategies.

• Collaboration Across Teams: Partner with internal IRC teams, external stakeholders (e.g., other departments, etc.) to align cybersecurity strategies and strengthen cross-functional partnerships, ensuring cohesive security practices across the organization.

• Strategic Analysis and Recommendations: Provide analysis, recommendations, and options to department leadership team for high-impact decisions.

• Consistent Operating Model: Assist in developing and maintaining a consistent operating model for the Office of the CISO.

• Strategic Advisor: Serve as a thought leader and trusted advisor to the VP of Cybersecurity Strategy & Ops and leaders within the division.

• OCISO Strategy Development: Direct the development of OCISO strategies, ensuring alignment with key priorities and outcomes.

• Leadership in Strategic Initiatives: Lead department and division strategic initiatives that drive divisional value.

Primary Duties & Responsibilities

• Strategic Planning: Establish and direct the 3-5-year strategic plan, identifying gaps between long-term strategy and current performance, and recommending solutions to close these gaps.

• Strategic Influence: Shape the strategic direction by bringing relevant external and internal insights to strategic discussions.

• Strategy Execution: Design and support the execution of strategy with department and cross-functional leaders to advance strategic dialogue and decisions.

• Department Strategy Alignment: Collaborate across the department to develop a departmental strategy map that aligns with enterprise strategies.

• Goal Setting and Evaluation: Help shape OCISO's division goals and divisional OKRs, establishing leading measures to evaluate progress and help manage divisional planning.

• Stay Informed: Keep up to date with new and emerging threats, recommending strategic initiatives to mitigate risks.

• Regulatory and Best Practices: Stay informed about security changes impacting regulatory, privacy, and industry best practices.

• Communication and Awareness: Develop and deliver presentations to increase awareness and understanding of the cybersecurity strategy, priorities, measures, and management activities within the department.

Qualifications:

• A bachelor's or master's degree in computer science, Cybersecurity, Information Technology or related field is preferred.

• Minimum of 5-7 years of experience in the cybersecurity field, with a focus on strategy development, risk assessment and implementation, with at least 3 years in leadership role.

• An in-depth understanding of cybersecurity frameworks, methodologies, and tools.

• Strategic thinker with ability to align cybersecurity initiatives with business objectives; experience leading cybersecurity strategy and transformation.

• Strong understanding of cybersecurity principles, frameworks (e.g. NIST CSF), industry hardening baselines (e.g. CIS), industry standards and regulatory requirements (e.g. NYDFS).

• Experience with implementation of Zero Trust frameworks including experience in the following specific to Zero Trust: baseline assessment, stakeholder engagement, change management, risk management, cost benefit analysis, regulatory & compliance considerations and integration with existing systems.

• Familiarity with network security, application security, cloud security, data security and identity and access management are beneficial.

• Strong project/program management skills. Strong strategic agility, critical thinking, problem solving and analytical skills, with the ability to prioritize and manage multiple projects simultaneously in a fast-paced environment.

• Excellent communication skills (both written and verbal) with ability to influence across boundaries and build strong partnerships within the department, function and across the enterprise; ability to present complex topics clearly and concisely with stakeholders at all levels of the organization

• Ability to deal with ambiguity and provide innovative solutions to complex problems.

• Continuous improvement mindset, actively seeking opportunities to improve processes and capabilities.

• Broad knowledge of current and emerging industry trends and directions.

• Relevant certifications from reputable cybersecurity industry organizations including CISSP, CISM, CRISC, GIAC, ISC(2) or similar certifications are highly desirable.

Compensation Range:

Pay Range - Start:

$100,030.00

Pay Range - End:

$185,770.00
Northwestern Mutual pays on a geographic-specific salary structure and placement in the salary range for this position will be determined by a number of factors including the skills, education, training, credentials and experience of the candidate; the scope, complexity as well as the cost of labor in the market; and other conditions of employment. At Northwestern Mutual, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. Please note that the salary range listed in the posting is the standard pay structure. Positions in certain locations (such as California) may provide an increase on the standard pay structure based on the location. Please click here for additiona l information relating to location-based pay structures.

Grow your career with a best-in-class company that puts our client's interests at the center of all we do. Get started now!

We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.

If you work or would be working in California, Colorado, New York City, Washington or outside of a Corporate location, please click here for information pertaining to compensation and benefits.

FIND YOUR FUTURE We're excited about the potential people bring to Northwestern Mutual. You can grow your career here while enjoying first-class perks, benefits, and commitment to diversity and inclusion.

• Flexible work schedules
• Concierge service
• Comprehensive benefits
• Employee resource groups

PandoLogic. Category:Technology,

<!– job description page –>