C-Suite & Leadership

Oct 13, 2025

Chief Information Security Officer

Full-time

Up to 250-290k+ USD with 30% Bonus

In Office

About Our Client

Our client is recognized as a global industry leader in the BPO and customer experience sector, with key operations across the USA, Mexico, and the Philippines. Serving multiple Fortune 500 and blue-chip enterprises, they consistently outperform competitors on client delivery, quality, and satisfaction.

With 13,000+ employees worldwide, 24x7 operations, and a strong, collaborative executive team, this company continues to grow from strength to strength. Its success is grounded in a culture that balances performance and people - creating a workplace where leaders are empowered, teams are supported, and customers feel the difference.

The Opportunity

This is a hybrid executive role combining Information Security, Internal Audit, and Enterprise Risk Management within a single global mandate. The Chief Information Security Officer will lead the organization’s security, audit, and risk posture across all markets, ensuring resilience, compliance, and client trust while enabling growth and innovation.

This is both a guardian and an enabler role - protecting the organization while empowering digital transformation and customer confidence.

Compensation & Setup

  • Competitive base of up to $250K–$290K USD + 30% bonus, depending on scope and experience.

  • Hybrid presence in Bloomington, IL (3 days/week).

  • US work authorization required. No visa sponsorship available.

Information Security

  • Define and execute a global security strategy aligned with business goals and leading frameworks (NIST CSF, ISO 27001, SOC 2, PCI DSS, HIPAA, PH Data Privacy Act, Mexico LFPDPPP).

  • Build and operate global Security Operations (SOC, SIEM/SOAR, incident response, threat hunting, vulnerability management, endpoint and cloud protection).

  • Oversee IAM, PAM, Zero Trust, data lifecycle management, encryption, and secure SDLC.

  • Lead incident response including Board and client communications, post-incident reviews, and learning loops.

  • Strengthen third-party/vendor risk management, simplifying client audit responses and reducing repeat findings.

  • Deliver security certifications and compliance audits on schedule and without repeat observations.

Internal Audit

  • Build and staff a global Internal Audit function independent of IT and Finance.

  • Develop annual audit plans based on enterprise risk; cover US, Philippines, and Mexico operations.

  • Conduct audits across IT, Operations, HR, Finance, and Compliance, issuing reports with actionable findings.

  • Provide quarterly updates to the Audit Committee and coordinate with external auditors and regulators.

Enterprise Risk Management

  • Establish a company-wide ERM framework aligned to COSO or ISO 31000.

  • Maintain a live risk register with KRIs/KPIs; lead risk workshops with senior leaders.

  • Oversee BCP/DR testing and tabletop simulations (cyber, outage, fraud, privacy).

  • Integrate risk insights into strategic planning, client assurance, and M&A due diligence.

Leadership & Culture

  • Build and mentor a multi-country team spanning Security, Audit, and Risk disciplines.

  • Drive a culture of proactive risk awareness and measurable security maturity.

  • Influence peers across Operations, Finance, Legal, and Client Delivery to embed security thinking in daily decisions.

  • Represent the company to clients, auditors, and industry peers as a trusted thought leader.

What You’ll Bring

  • 15+ years in Information Security, Risk, or Audit, with 5+ years in enterprise-level leadership.

  • Proven record building or transforming Internal Audit and/or ERM frameworks in large enterprises.

  • Hands-on experience managing major incidents and presenting to Boards or Audit Committees.

  • Demonstrated success achieving SOC 2 / ISO 27001 certifications and managing regulatory inspections.

  • Degree in IT, Information Security, Accounting, or related field; Master’s or MBA preferred.

  • Certifications: CISSP required; one or more of CISM, CRISC, CISA, CIA, CPA, ISO 27001 Lead Auditor highly valued.

  • Board-credible communication style, balancing technical depth with commercial pragmatism.


The Ideal Profile

You’re an executive who can bridge security, risk, and business value. Equally comfortable with a Board deck, a client security audit, or a post-incident debrief, you translate complexity into clarity. You build teams that are structured, measurable, and globally aligned - and you bring calm, credibility, and direction in moments that matter.


Copyright © 2023 Haydon Global Recruitment. All rights reserved.
