Chief Information Security Officer » Date:Feb 6, 2025 Location: REMOTE, REMOTE, US Company: Leggett & Platt We, at Leggett & Platt Inc., are searching for a Chief Information Security Officer (CISO) to help support our strategic business objectives. As a global-diversified manufacturing company, it’s sometimes hard to explain all the different things we do. We like to say, “we’re the biggest company no one has ever heard of.” We are confident you interact with one of our products in your daily life without knowing it. Whether it’s the mattress you sleep on, the car you drive, the plane you fly on, or the furniture you sit on, our high-quality components are there supporting you. If you join our team, your work will ensure people across the world have a little more comfort in their lives. As our CISO, you will report to and partner with the Chief Information Officer and work in conjunction with our Executive Leadership Team and Board of Directors. You will help execute the cybersecurity strategy and lead Cybersecurity Operations in a fast-paced, results-driven, multi-national manufacturing organization. Your contributions will have a direct impact on the business by helping set the cybersecurity vision, architecture, policies, and standards for Leggett & Platt’s IT and Operational Technology (OT) operations enterprise-wide. The high-performing team and external partners you will be working with are subject-matter experts in their field, and value a leader that brings a robust background in OT and in the Payment Card Industry (PCI) to help them grow and develop capabilities. So, what will you be doing as CISO? + Contribute, implement and monitor a strategic, risk-based, comprehensive enterprise IT/OT cybersecurity program that aligns with business objectives + Drive security standards and change management across the organization, including information security policies and guidelines (data privacy, data classification, endpoint security, training, testing, etc.) + Evaluate the organization’s ability to detect, prevent, mitigate, and respond to all security threats + Work directly with the business to facilitate cybersecurity risk assessment and cybersecurity risk management processes + Contribute to the architecture and engineering of new security systems, including evaluation of technical designs and penetration testing + Monitor the external environment for emerging threats and proactively consult with stakeholders on appropriate courses of action + Engage leaders across the organization to build strong relationships, communicate the cybersecurity strategy, reinforce compliance and cybersecurity policies, and partner on key information security initiatives + Provide guidance on information security topics, advising and collaborating on security processes, business continuity, and disaster recovery plans + Provide leadership to the enterprise's information security organization, and lead day-to-day cybersecurity measures, investigations of any control failures, and continuous improvement initiatives + Manage the Cybersecurity Operation team’s employee development by setting and evaluating goals, providing feedback, and employing development techniques to enable employees to realize their potential + Develop response protocols and disaster recovery plans for any cyber-attacks or compromised data + Develop and provide training and awareness of Cybersecurity policies and procedures To be successful in this role, you’ll need: + Bachelor’s degree in Information Technology, Engineering, Business Management, Operations Management, or related field, or suitable combination of education, experience, and training + 7+ years of information technology or operations technology experience focusing on infrastructure, architecture, risk management, business management, and information security/cybersecurity + Proven track record and experience contributing to information security strategy and programs, including successful implementation in large, multinational enterprises in the manufacturing industry + Capability to anticipate risk, mitigate vulnerabilities and align security initiatives with the broader business goals + Strong communication skills with the ability to convey security information to both technical and non-technical audiences in a way that inspires adoption and adherence to security policies and programs + Demonstrated understanding and interest in multiple security platforms and layers including: Anti-virus, Firewalls, Proxy Servers, Intrusion Prevention Systems, Logging Correlation/Management along with SIEM tools, Penetration Testing, Operating Systems, Network Protocols, Mobile Device Management, and Incident Response + Strong experience in one or more of Networking, Cloud, Microsoft Active Directory, Manufacturing IoT/Industrial Control Systems, Application Development, Ecommerce, PCI, or ERP with willingness and interest in learning and leading the others in the context of Cybersecurity + Experience with threat analysis, sensitive information protection, and incident response management Things we consider a plus: + CISSP and/or CISA certification + Ability to direct scripting in common languages, such as PowerShell or Python + Networking or Application Development or Enterprise Application experience + Experience with PCI and cybersecurity framework, such as NIST or ISO Reasons You’ll Love It Here Our benefits offering includes medical, dental, and vision insurance; as well as paid vacation, paid personal time, and various opportunities to give back to your local community. This position is also eligible for long term incentives and a retirement savings 401k with company contribution. One convenient fact about our medical plan, is that we offer tele-visits, so you don’t have to leave the comfort of your home when you are feeling under the weather! We also strongly encourage and provide opportunities for learning and professional development. Our Learning & Development team has put together in-house training on subjects like front-line supervisor essentials, how to manage conflict in the workplace, and many others. What to Do Next Now that you’ve had a chance to learn more about us, what are you waiting for! Apply today and allow us the opportunity to learn more about you and the value you can bring to our team. Once you apply, be sure to create a profile (https://career4.successfactors.com/careers?company=leggettplatt) , and sign up for job alerts, so you can be the first to know when new opportunities become available. Our Commitment to You We’re proud of the fact that we are strongly rooted in being an inclusive, people-focused organization. Our company culture reflects values like integrity, ownership, and authenticity. We take these to heart, and if you do as well, you’ll fit right in. Leggett & Platt Inc. is committed to the full inclusion of all qualified individuals. In keeping with our commitment, Leggett & Platt Inc. will take the steps to assure that people with disabilities are provided reasonable accommodations. Equal Employment Opportunity/Affirmative Action/Veteran/Disability Employer For specific regional privacy notices please refer to our http://privacy.leggett.com/privacy-notices Job Segment: Engineer, Engineering »