Chief Information Security and Infrastructure Officer (CISIO)

Chief Information Security and Infrastructure Officer (CISIO) Location Durham, NC : Clorox is the place that's committed to growth - for our people and our brands. Guided by our purpose and values, and with people at the center of everything we do, we believe every one of us can make a positive impact on consumers, communities, and teammates. Join our team. #CloroxIsThePlace Your role at Clorox: We are seeking a dynamic and experienced professional to fill the role of Chief Information Security and Infrastructure Officer (CISIO). This Vice-President position is a unique blend of leadership responsibilities in both cybersecurity and IT infrastructure domains. The ideal candidate will possess a strategic mindset, extensive technical expertise, and a proven track record in successfully managing and enhancing the security and infrastructure landscape of an organization. The CISIO will be responsible for establishing the strategy and implementing the information security program, and providing leadership direction for Infrastructure, Network Operations and Operational Technology across the enterprise. The CISIO will report to the Chief Information and Data Officer (CIDO) and will play a lead partner role with our business heads and other senior executives to ensure availability, integrity and confidentiality of our information assets and trusted relationships are established across our ecosystem. Chief Information Security and Infrastructure Officer (CISIO) assumes a multifaceted role with three key responsibilities. Firstly, they serve as the process owner and pivotal decision-maker for all assurance activities, ensuring the availability, integrity, and confidentiality of consumer, business partner, employee, and business information in accordance with the organization's information security policies. Secondly, takes charge of directing Enterprise Cybersecurity programs and enterprise committees that span the entirety of the company's digital domains. This involves driving comprehensive and consistent practices to identify, measure, monitor, report, and manage operational risks. Lastly, plays a central role in the technological evolution of legacy infrastructure, data center operations, and IT/OT environments. This encompasses the development of resiliency and modernization strategies for assets, as well as the acceleration of cloud adoption and advanced computing capabilities. In essence, you will be instrumental in safeguarding information assets, managing operational risks, and spearheading technological advancements across the organization. In this role, you will: 1. Establish and communicate the organizational strategy, policies, and standards for Information Security.

• Identify and protect against key threats relative to the criticality of information assets of the Company.
• Evaluate security trends, evolving threats, risks and vulnerabilities then applies capabilities and tools to mitigate and measure risk.
• Support the development and rollout of new products and services with embedded security and resiliency.
• Report to the CIDO, CEO and Board on key risks and management's plans to remediate them. Ensure information security risk is managed within the risk appetite approved by the CIDO, CEO and Board.
2. Act as a strategic advisor to the business heads on cybersecurity incidents and govern cross-functional alignment with trust and confidence.
• Accountable for the consistent implementation and oversight of information security policies and practices across the company working closely with the business heads, CIDO, General Counsel and their teams.
• Create a culture of cybersecurity awareness, engagement and ownership, driving behavioral changes within EDT and the Enterprise.
• Leads the Enterprise Security Council.
3. Owns relationships and works with internal and external partners to help assess and mitigate all online assets and 3rd party data risks.
• Establish a robust incident response plan and be accountable for managing cyber crises across the organization and coordinating with external agencies including law enforcement and external counsel.
• Provides Cyber Security policies and procedures that protect and align to the Direct-to-Consumer (DTC) Business and Cloud assets.
• Conduct regular risk assessments to proactively identify and remediate risks. Support information security and third-party audits as required.
4. Architect the technical strategy and standards for infrastructure to enable delivery and high availability of standard, resilient and secure and business applications, as well as products that keep the Company at the forefront of digital and technological growth.
• Lead the design, implementation, and ongoing maintenance of a resilient and scalable IT infrastructure.
• Ensure the availability, reliability, and high performance of network, server, and storage systems.
• Develop Disaster Recovery plans and facilitate tabletop exercises to address security breaches and infrastructure disruptions.
5. Serves as member of the Enterprise Data & Tech Leadership Team (EDTLT) and drives Enterprise Talent Management.
• Build, maintain and foster relationships with EDT Leadership peers.
• Hire, train, develop & retain high quality talent.
• Create, manage and monitor the changing skills and experience requirements for information security and tech roles.
• Sponsor and lead enterprise culture and engagement forums.
What we look for:
• 20+ years of IT infrastructure and information security experience.
• 8+ years leading an advanced enterprise information security practice.
• Experience developing and executing security governance programs for leading edge Digital Commerce and Consumer-facing solutions is HIGHLY desired.
• Must have an informed point of view and experience with tools and policies surrounding intruder prevention, detection and response.
• Must have actively participated in creating response protocols as part of a holistic business continuity program.
• Bachelor's degree in information technology engineering or experience in a related field.
• CISSP is desired.
• Existing CISO or a strong number 2 with blended Security and Infrastructure experiences will be considered.
Workplace type: Hybrid - 3 Days in Office We seek out and celebrate diverse backgrounds and experiences. We're looking for fresh perspectives, a desire to bring your best, and a non-stop drive to keep growing and learning. At Clorox, we have a Culture of Inclusion. We believe our values-based culture connects to our purpose and helps our people be the best versions of themselves, professionally and personally. This means building a workplace where every person can feel respected, valued, and fully able to participate in our Clorox community. Learn more about our I&D program & initiatives here . Benefits we offer to help you be well and thrive:
• Competitive compensation
• Generous 401(k) program in the US and similar programs in international
• Health benefits and programs that support both your physical and mental well-being
• Flexible work environment, depending on your role
• Meaningful opportunities to keep learning and growing
• Half-day Fridays, depending on your location
Please apply directly to our job postings and do not submit your resume to any person via text message. Clorox does not conduct text-based interviews and encourages you to be cautious of anyone posing as a Clorox recruiter via unsolicited texts during these uncertain times. To all recruitment agencies: Clorox (and its brand families) does not accept agency resumes. Please do not forward resumes to Clorox employees, including any members of our leadership team. Clorox is not responsible for any fees related to unsolicited resumes.