Pay benefits and more.
We are eager to attract the best, so we offer competitive compensation and a generous benefits package, including full health insurance (medical, dental and vision), 401(k), life insurance, disability and the opportunity to participate in a company incentive plan.
What you’ll do on a typical day:
- Provide strategic consulting to the business by providing Information Security subject matter expertise to help the business make informed decisions based on the BU’s risk appetite
- Act as a single point of contact for business, representing the GSO, and provide a comprehensive view of GSO services provided; present risk and security posture view to the businesses and provide oversight by acting as a CISO delegate
- Ensure that security services, programs, and processes are embedded and implemented into the businesses, including implementation and coverage of security technologies, monitoring functions, policy awareness, training and awareness, application security services, security SME, client support, third party security, etc.
- Act as conduit for business and regional leadership feedback into GSO programs, in support of process improvements; act as the CISO delegate within the business unit to influence positive change to its Information Security posture through regular engagement and collaboration
- Oversee Information Security support for businesses through regular interface with GSO Tower Leaders and teams; influence and provide input to the Global Tower Leaders in defining their goals and creating global consistency for their teams and towers; work closely with consulting/SME tower in utilizing SME/consulting services according to business/project needs
- Obtain report and matrix from respective towers and other GSO functions to present a comprehensive view of security statuses and/or services provided
- Act as Incident Commander in support of incidents and investigative activities, and maintain responsibility for all aspects of an emergency response; including quickly developing incident objectives, managing all incident operations, and application of resources
What you need to succeed at XPO:
At a minimum, you’ll need:
- Bachelor’s degree in Computer Science or related field, or equivalent experience
- 6 years of experience in Information Security
- 5 years of demonstrable experience in technology
- Solid understanding of application security practices, key network and technical security controls, and IT Risk and Security governance
It’d be great if you also have:
- Certified CISA, CISM or CISSP and/or ISO 27001 Lead Auditor Certification
- 2 years of experience in management, project and program management
- Experience with automation and efficiency to improve programs and processes
- Proven interpersonal, leadership, and collaboration skills with the ability to effectively supervise, coach, and influence employees
- Excellent verbal and written communication skills
- Strong complex problem solving and analysis skills
- Process driven and detail oriented
Be part of something big.
XPO provides cutting-edge supply chain solutions to the world's most successful companies, including Disney, Pepsi, L'Oréal, Toyota and many others. We’re the fastest-growing transportation company on the Fortune 500 list, and we’re just getting started.
We are proud to be an Equal Opportunity/Affirmative Action employer. Qualified applicants will receive consideration for employment without regard to race, sex, disability, veteran, or other protected status.
The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All employees may be required to perform duties outside of their normal responsibilities from time-to-time, as needed.