Join a team that puts its People First! Since 1889, First American (NYSE: FAF) has held an unwavering belief in its people. They are passionate about what they do, and we are equally passionate about fostering an environment where all feel welcome, supported, and empowered to be innovative and reach their full potential. Our inclusive, people-first culture has earned our company numerous accolades, including being named to the Fortune 100 Best Companies to Work For list for six consecutive years. We have also earned awards as a best place to work for women, diversity and LGBTQ+ employees, and have been included on more than 50 regional best places to work lists. First American will always strive to be a great place to work, for all. For more information, please visit www.careers.firstam.com.Job SummaryBusiness Information Security Principal Summary
The Business Information Security Principal will be a focal point for effective engagement between Information Security Office and business areas.
This role will be a trusted adviser to senior business and technology stakeholders and provide broad knowledge of Information Security strategies, policies, processes, architecture and road maps to enable divisions/business to understand and meet Information Security requirements.
The Business Information Security Principal role will report to the VP of Risk and Governance with a dotted line reporting to the Divisional IT leadership and would work closely with the business, would operate within the Company's information security risk appetite.
This individual will be an essential business partner and will take responsibility for managing information security risk for the business and will be required to support business units with the design and implementation of central security strategies.
The role will focus on ensuring that Information Security is considered in respect of all elements of Business. Essential Functions
- Build and maintain effective relationship with a division's Business and Technology stakeholders. Be the voice of Information Security in the division/business area and the voice of the business within Information Security.
- Own and communicate the divisional roadmap for compliance to Information security requirements. Align Information Security responsibilities and working practices of divisions and InfoSec. Identify and resolve risks and issues.
- Facilitate planning, introduction, delivery of Information Security services and initiatives to support compliance activities, security audits; security capability / maturity improvement; delivery of point services such as vulnerability assessments, project risk assessments, vendor assessments; delivering targeted security and risk briefing
- Responsible for demand management for security and collaboration across the Information Security team to balance supply and demand of security and divisional resources
- Contribution to development and implementation of security architecture, and the design of Information Security service and processes
- Demonstrate to stakeholders that appropriate controls are in place and own/create actions plans to manage improvement or change where necessary
- Advise stakeholders on how to achieve the relevant controls and assist with solutions to support them
- Where necessary, ensure that processes are documented and communicated in language that is relevant and understandable to international and /or non-technical audiences
- Ensure that all proposed technical solutions include requirements and maintain the integrity of the infrastructure
- Look for opportunities to inform, engage or train others to make the best use of Problem and Change management for Security
- Support and deliver security initiatives as needed and be in a position to demonstrate and track progress to stakeholders
- Required to perform duties outside of normal work hours based on business needs
Complexity & Impact
Troubleshoot and guide others on a wide variety of complex problems and identify solutions within broad application and functional expertise
Work to define, drive and implement broad based conceptual issues
Participate with and heavily influences management for defining requirements and setting organizational objectives
Negotiate, persuade, and gain consensus from senior management, cross functional teams, business communities, and external customers impacted by process implementation
Supervision /Level of Instruction
May or may not supervise others
Regularly lead cross functional teams to implement multiple processes within a broad business function
Assign work to cross functional team members and monitors multiple project status and completion
Actively identify issues, seek out solutions and makes recommendations to the broad business community to apply customized solutions to solve business problems
Knowledge and Skills/Technology Used
An ability to interact with Information Security colleagues, build good relationships at all levels and across all business units and organizations, and the ability to influence stakeholders of all levels
Excellent verbal, written and interpersonal communication skills. Listens and communicates technical subjects to both technical and nontechnical audiences, flexes style to suit the needs of the audience
Ability to work with others effectively, with 3rd parties, internal teams, and international business units, promoting knowledge sharing within and across teams
Highly self-motivated and directed, with particular attention to detail
A good understanding of Security frameworks including ISO27001/NIST
Generally requires a BS Degree or equivalent work experience
Licenses or Certifications
Relevant industry certification such as CISSP, CISM, CRISC or similar
Typical Range of Experience
5+ years in a similar role in a large international organization
Typically have 8+ years of directly related experience
First American invests in its employees' development and well-being, empowers them to provide superior customer service and encourages them to serve the communities where they live and work. First American is committed to diversity and inclusion. We are an equal opportunity employer.
Based on eligibility, First American offers a comprehensive benefits package including medical, dental, vision, 401k, PTO/paid sick leave and other great benefits like an employee stock purchase plan.