The Chief Information Security Officer is responsible for overseeing and leading Western Union’s global IT security programs and policies, standard guidelines, compliance, strategy, operations and budgetary requirements. This position will lead the design, development, implementation and maintenance of information security infrastructure, systems and processes that align with Western Union’s overall global IT security and data privacy needs thus ensuring protection for the organization’s technology infrastructure, assets, customer data and intellectual property.
The role interacts on a regular basis with the CEO, BOD and outside regulators and will act as the main liaison regarding all Information Security matters and governance. The incumbent will also be responsible for leading a global team and supporting a culture of transformation, compliance and high performance.
Role Responsibilities:
Design, develop, implement and monitor a strategic, comprehensive global information security, engineering and IT risk management roadmap to align and scale with company growth, industry (Financial Services) and regulatory environment.
Work directly with the business units to facilitate risk assessment and risk management processes; plan for and manage incident response plans while minimizing effect on the business.
Exercise decision making authority on risk assessments and mitigation, overseeing process to ensure risks have been addressed, acting as policy making authority, creating InfoSec roadmap and technology priorities and solution (tools, vendors) proposals and recommendations, managing department budget.
Ensure operating reliability and stability for Disaster Recovery processes and identity management programs and ensure protection from cyber-attacks, customer fraud, malware and other threats
Prepare financial forecasts for security operations and proper maintenance cover for security assets.
Develop and enhance an information security management framework and anticipate new security threats and stay up to date with evolving technology and solutions.
Understand and interact with other functions to ensure the consistent application of policies and standards across all technology projects, systems and services.
Provide leadership to the global enterprise's information security organization (attract and retain employees that embody both the needed enterprise capabilities and cultural attributes of Western Union).
Partner with business stakeholders across the company to raise awareness of risk management concerns.
Oversee the Security Operations Center (365 days, 24/7).
Serve as the organization’s Subject Matter Expert (SME) for all global information security frameworks, standards and regulations for the business, the CEO, BOD and outside regulators.
Direct the adoption and implementation of IT security, governance and risk policies and procedures across the global enterprise.
Manage relationships with external information security technology vendors, law enforcement, relevant governmental agencies and specialized information security professional services firms.
Proactively identify security issues and potential threats and continuously build processes and design systems to watch for and protect against them.
Manage risks relating to information security, IT business continuity and disaster recovery planning, IT crisis management, IT privacy, and designing and monitoring processes to ensure compliance with IT and information security protocols, and applicable data security regulations.
Oversee investigations, audits and potential security breaches and necessary next steps and communications (internal and external).
Identify and work with peer organizations, government and agencies, and the vendor community to ensure Western Union is at the forefront in this area, both in the US and globally.
Role Requirements:
Information Security and IT Risk leadership experience at the senior-most level within a high-transaction rate, critical-availability and technology-dependent financial services organization.
Bachelor’s degree in computer science, management information systems, business administration, or related discipline highly desirable. Master’s degree preferred.
Minimum of 10 years professional global experience in running the information security function, and analyzing and applying information security risk, IT risk management, and privacy practices.
Current security clearance preferred.
Seven to ten years of progressive people leadership, strategic planning and business transformation experience required.
Possess a high-level of business acumen resulting in an expert level of competence in IT risk assessment and management, IT continuity management, IT governance and policy formulation, and organizational change management.
Proven success in senior level Information Security role in a $1B+ organization
Demonstrated ability to work at and communicate to leaders at the highest level, both internal and external to the organization. History of BOD level accountability.
Expertise in IT security audit procedures, amendments and resolutions.
Excellent written and verbal communication skills and high level of personal integrity; comfort in presenting to a wide range of audiences, including board level, clients, partners and regulators required.
Deep network of relationships in the Security area within financial services organizations and government/agencies
A skilled team builder who can attract, develop and retain the very best global talent and lead them toward the successful attainment of goals in support of the corporate business strategy.
Experience with merger and acquisition and divestitures activities.
Expert in information policy formulation, information security management, security attack pathologies, IT business risk management, authentication methodologies, and IT security incident response management.
Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams, including project teams.
Possess strong global project management experience (resource allocation, budget, and timelines).
Knowledge of national and international regulatory compliances and frameworks such as ISO, FFIEC, Dodd-Frank, SOX, GDPR, HIPAA, FINRA and PCI DSS.
Expert experience with cloud security, layered security platforms and services, including understanding of current security offerings from leading cloud service providers (e.g. AWS), and their applicability to securing an enterprise security environment.
Experience with contract and vendor negotiations and management including managed services.
Specific experience in LEAN methodologies and Agile (scaled) software development preferred.
Professional security certification(s), (CISSP, CISM or CISA) preferred.
Demonstrate a consultative posture with the business and an extreme customer service focus.
Benefits
You will also have access to short-term incentives, multiple health insurance options, accident and life insurance, and access to best-in-class development platforms, to name a few. Please see the benefits below specific to your country. If applicable, additional role-specific benefits will be mentioned during your interview process or in an offer of employment.
Your United States specific benefits include:
Parental Leave
Family First Programs
Medical, Dental, and Life Insurance
Tuition Repayment Assistance Program
For residents of Colorado, California, Connecticut, Delaware, Minnesota, and Pennsylvania: Please do not respond to any questions on this initial application that may seek age-identifying information such as age, date of birth, or dates of school attendance or graduation. You may also redact this information from any materials you submit during the application process. You will not be penalized for redacting or removing this information.
As part of the application process, all applicants are required to take assessments. Western Union has partnered with a 3rd party provider to administer these tests. Applicants will need to provide their name and email address in order to process the assessments. If you have any questions, you may reach out to careers@westernunion.com.
We are passionate about honoring our employee's identity and fostering a feeling of belonging. Our commitment is to provide an inclusive culture that celebrates the unique backgrounds and perspectives of our global teams while reflecting the communities we serve. We do not discriminate based on race, color, national origin, religion, political affiliation, sex (including pregnancy), sexual orientation, gender identity, age, disability, marital status, or veteran status. The company will provide accommodation to applicants, including those with disabilities, during the recruitment process, following applicable laws.
Estimated Job Posting End Date:
05-08-2026This application window is a good-faith estimate of the time that this posting will remain open. This posting will be promptly updated if the deadline is extended or the role is filled.