About the Role
Title: Chief Information Security Officer
Location: REMOTE, REMOTE, US
Job Description:
We, at Leggett & Platt Inc., are searching for a Chief Information Security Officer (CISO) to help support our strategic business objectives. As a global-diversified manufacturing company, it’s sometimes hard to explain all the different things we do. We like to say, “we’re the biggest company no one has ever heard of.” We are confident you interact with one of our products in your daily life without knowing it. Whether it’s the mattress you sleep on, the car you drive, the plane you fly on, or the furniture you sit on, our high-quality components are there supporting you. If you join our team, your work will ensure people across the world have a little more comfort in their lives.
As our CISO, you will report to and partner with the Chief Information Officer and work in conjunction with our Executive Leadership Team and Board of Directors. You will help execute the cybersecurity strategy and lead Cybersecurity Operations in a fast-paced, results-driven, multi-national manufacturing organization. Your contributions will have a direct impact on the business by helping set the cybersecurity vision, architecture, policies, and standards for Leggett & Platt’s IT and Operational Technology (OT) operations enterprise-wide. The high-performing team and external partners you will be working with are subject-matter experts in their field, and value a leader that brings a robust background in OT and in the Payment Card Industry (PCI) to help them grow and develop capabilities.
So, what will you be doing as CISO?
- Contribute to, implement, and monitor a strategic, risk-based, comprehensive enterprise IT/OT cybersecurity program that aligns with business objectives
- Drive security standards and change management across the organization, including information security policies and guidelines (data privacy, data classification, endpoint security, training, testing, etc.)
- Evaluate the organization’s ability to detect, prevent, mitigate, and respond to all security threats
- Work directly with the business to facilitate cybersecurity risk assessment and cybersecurity risk management processes
- Contribute to the architecture and engineering of new security systems, including evaluation of technical designs and penetration testing
- Monitor the external environment for emerging threats and proactively consult with stakeholders on appropriate courses of action
- Engage leaders across the organization to build strong relationships, communicate the cybersecurity strategy, reinforce compliance and cybersecurity policies, and partner on key information security initiatives
- Provide guidance on information security topics, advising and collaborating on security processes, business continuity, and disaster recovery plans
- Provide leadership to the enterprise’s information security organization, and lead day-to-day cybersecurity measures, investigations of any control failures, and continuous improvement initiatives
- Manage the Cybersecurity Operations team’s employee development by setting and evaluating goals, providing feedback, and employing development techniques to enable employees to realize their potential
- Develop response protocols and disaster recovery plans for any cyber-attacks or compromised data
- Develop and provide training and awareness of Cybersecurity policies and procedures
To be successful in this role, you’ll need:
- Bachelor’s degree in Information Technology, Engineering, Business Management, Operations Management, or related field, or suitable combination of education, experience, and training
- 7+ years of information technology or operations technology experience focusing on infrastructure, architecture, risk management, business management, and information security/cybersecurity
- Proven track record and experience contributing to information security strategy and programs, including successful implementation in large, multinational enterprises in the manufacturing industry
- Capability to anticipate risk, mitigate vulnerabilities and align security initiatives with the broader business goals
- Strong communication skills with the ability to convey security information to both technical and non-technical audiences in a way that inspires adoption and adherence to security policies and programs
- Demonstrated understanding of and interest in multiple security platforms and layers including: Anti-virus, Firewalls, Proxy Servers, Intrusion Prevention Systems, Logging Correlation/Management along with SIEM tools, Penetration Testing, Operating Systems, Network Protocols, Mobile Device Management, and Incident Response
- Strong experience in one or more of Networking, Cloud, Microsoft Active Directory, Manufacturing IoT/Industrial Control Systems, Application Development, Ecommerce, PCI, or ERP with willingness and interest in learning and leading the others in the context of Cybersecurity
- Experience with threat analysis, sensitive information protection, and incident response management
Things we consider a plus:
- CISSP and/or CISA certification
- Ability to direct scripting in common languages, such as PowerShell or Python
- Networking or Application Development or Enterprise Application experience
- Experience with PCI and cybersecurity frameworks, such as NIST or ISO