Vice President, Information Security - Chief Information Security Officer

RTI International (RTI) is both a global research institute and a leading international development organization based out of North Carolina. At RTI, you will find work you believe in, tackling some of the most complex global challenges of our time. Our mission is to impact the wellbeing of 1 billion people by 2030 through science-based solutions in climate, education, health, and equity. Our staff promotes meaningful change around the world helping people live healthier, more productive, and more independent lives.

If you are looking for an opportunity to make a real difference, RTI is the place for you. Join us in our commitment to teamwork, belonging, and the passion to change the world.

We are seeking a Vice President, Information Security - Chief Information Security Officer (CISO) to join our Global Technology Solutions (GTS) leadership team.

As a pivotal leader within GTS, the CISO will maintain an independent perspective by reporting to the General Counsel in a dotted line capacity, fostering close collaboration with the legal team and all RTI's Risk Management functions.

GTS is at the forefront of RTI's digital transformation journey, addressing the technology needs of the Institute. By delivering top-tier technical support, resources, and services, GTS empowers staff to work efficiently and effectively, all while adhering to RTI's policies. Beyond just support, GTS drives innovation by providing cutting-edge technology solutions that bolster the Institute's Business Units and General and Administrative functions. GTS's mission is to position RTI as a global leader in pioneering innovative solutions to technological challenges.

The selected individual will provide Cybersecurity guidance, advice and monitoring to the CIO, RTI's Executive team and Board of Governors. By integrating best industry practices, the CISO will ensure the Institute remains resilient against Cybersecurity threats and preserves from Institutional impacts. Key responsibilities include developing a comprehensive Institute Global Cybersecurity Strategy and Approach that balances effective client work execution with stringent security guidelines for both client and Institute enterprise data. In this role, the CISO will spearhead critical cybersecurity initiatives such as Data Loss Prevention (DLP) and Network Access Control (NAC), enhancing RTI's security posture through cutting-edge technological solutions. The CISO will also work collaboratively to select and implement security measures that meet compliance and contractual requirements, address vulnerabilities, and defend against security breaches.

To be successful in this role, you will possess the following skills and abilities:

Leadership and Collaboration:

• Ability to work with Executive and Board of Governors Level.
• Team-oriented and skilled in working within a collaborative environment.
• Ability to work well with others.

Analytical and Problem-Solving:

• Proven analytical and problem-solving abilities.
• Ability to conduct research into IT security issues and products.
• Keen attention to detail and accuracy.

Communication:

• Excellent written, oral, and interpersonal communication skills.
• Ability to present ideas in business-friendly and user-friendly language.

Personal Attributes:

• Highly self-motivated and directed.
• Ability to prioritize multiple tasks.
• Ability to work independently.
• Ability to keep information strictly confidential when necessary.
• Ability to obtain proper security clearances as noted by contracts.

Flexibility and Adaptability:

• Ability to travel as needed to domestic and international locations

The essential duties of this role are:

Collaboration and Communication:

• Interfaces with Global Technology Solutions (GTS) teams and business unit (BU) leaders to enhance enterprise security and ensure compliance.
• Interfaces with BUs and GTS teams to implement and maintain cybersecurity measures for client data.
• Engages external cybersecurity advisors for independent advice to Executives and the Board of Governors.
• Develops and communicates security strategies and plans to staff, partners, and stakeholders.
• Collaborates with IT Compliance for enforcement of security policies and user access plans.
• Advises and educates executives, management teams, and end users on security importance and benefits.
• Collaborates with IT department leads to maintain RTI data and asset security.
• Collaborates with Privacy and Compliance officers to ensure compliance with security and privacy policies.
• Promotes and maintains strategic security relationships with internal and external entities, including vendors and partners.

Security Management and Implementation:

• Participates in IT cybersecurity initiatives, including DLP, NAC, Vulnerability Management, and Threat Analysis.
• Participates in planning efforts to achieve business goals through security technology management.
• Reviews and administers all computer security systems and associated software.
• Manages vulnerability assessments, penetration tests, and security audits.
• Responds to investigation requests from Legal and Compliance and provides first-level response to security incidents.
• Implements security metrics to measure RTI's security posture effectiveness.
• Assesses and communicates security risks associated with company practices.
• Stays informed on security industry trends and emerging technologies.

Strategic and Operational Oversight:

• Provides input into the security annual budget for purchasing, staffing, and operations.
• Supervises recruitment, development, retention, and organization of security staff.
• Provides mentoring, guidance, and performance reviews for staff.
• Ensures staff development, career progression, and high morale.
• Guides promotion and succession processes.
• Holds strategic and operational accountability for managed groups.
• Interacts with senior levels of the organization to develop and deliver accountability.
• Contributes to strategic and operational issues with senior managers.
• Provides full oversight of the function, leveraging new methodologies to advance the business.
• Leads the development of the function, ensuring sufficient resources and skill sets.
• Identifies and implements improvements in work processes.
• Manages staff through performance planning, development, and evaluation processes.
• Ensures practices to drive high staff morale and retention.

Scientific/Technical Management:

• Writes and reviews proposals, mentors staff, and participates in business development activities.
• Leads or supports complex projects and mentors staff in project leadership.
• Oversees the development and adherence to standard operating procedures.
• Ensures professional credibility with key organizations.
• Helps develop the scientific and/or professional stature of staff.

Bachelor's Degree and 20 years of experience, Master's degree and 16 years of experience, PhD and 12 years of experience, or equivalent combination of education and experience.

A combination of both federal contracting and commercial experience required!

To qualify, applicants must be legally authorized to work in the United States, and should not require now, or in the future, sponsorship for visa employment status.

Preferred Technical Knowledge:

• Technical knowledge of infrastructure, application, and cloud security models (AWS).
• Knowledge of information security standards, rules, and regulations related to information security and data confidentiality on a global perspective.
• Knowledge of relevant legal and regulatory requirements, such as HIPAA and FISMA.
• Excellent knowledge of MS Word, Outlook, PowerPoint, Excel.

Core Competencies

• Performance Management
• Business Process Improvement
• Team Management and Team Building
• Internet of Things (IoT) Security
• Cyber Security
• Information Security Audits
• Information Security Technologies
• Network and Internet Security
• Security Systems
• Risk Assessment

For San Francisco, CA USA Job Postings Only: Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Further information is available here.

RTI accepts applications to our job openings from candidates with criminal histories or conviction records in accordance with all applicable laws, including the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

For Applicants in Massachusetts Only: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

The anticipated pay range for this role is listed below. Our pay ranges represent national averages and may vary by location as a geographic differential may be applied to some locations within the United States. RTI considers multiple factors when making an offer including, for example: established salary range, internal budget, business needs, and education and years of work experience possessed by the applicant. Further, salary is merely one element to our offer.

At RTI, we demonstrate our commitment to rewarding individual and team achievement through a total rewards package. This package includes (among other things) a competitive base salary, a generous paid time off policy, merit based annual increases, bonus opportunities and a robust recognition program. Other benefits include a competitive range of insurance plans (including health, dental, life, and short-term and long-term disability), access to a retirement savings program such as a 401(k) plan, paid parental leave for all parents, financial assistance with adoption expenses or infertility treatments, financial reimbursement for education and developmental opportunities, an employee assistance program, and numerous other offerings to support a healthy work-life balance.