Apply now »

Director, Corporate Information Security

Are you passionate about information security, risk management, privacy, compliance and strategy? Penguin Random House is seeking a Director of Corporate Information Security to join their team. The successful candidate will lead the implementation and management of programs across business and technology units that focus on governance, risk, and compliance, fraud, data security, vulnerability management, and application and cloud security.



  • Assist the Global CISO in the development, implementation, and maintenance of information security procedures, standards, and guidelines. Oversee the localized approval, training, and dissemination of security policies and practices
  • Facilitate the information security risk and control assessment process, as well as support internal and external compliance programs
  • Proactively monitor key risk indicators to identify non-compliance and assist in remediation with compensating controls to address security, risk, and control gaps
  • Monitor business unit metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security
  • Act as a liaison between management, product owners, technology operational risk, and internal audit functions
  • Work with various stakeholders to identify information asset owners to classify data and systems as part of a control framework implementation
  • Provide strategy for the implementation of control improvements, including process enhancements and use of automated data collection techniques
  • Oversee information security awareness training programs for US employees, contractors, and approved system users
  • Monitor external threat intelligence information to identify potential fraud or other malicious activity and escalate when necessary
  • Conduct incident response and business continuity simulations to ensure the readiness of personnel in the event of an incident or disaster
  • Manage the third-party risk assessment process to identify potential security and privacy risks and ensure that our vendors comply with internal policies and procedures
  • Show ownership and leadership skills in coordinating projects across multiple teams, driving them to successful conclusion while building strong, lasting relationships with both internal and external stakeholders
  • Demonstrate the ability to break abstract goals into attainable, measurable work items



  • At least 10 years of experience in information security advisory or IT risk management, preferably in a complex, largescale environment
  • Proficiency in information security domains, including policies and standards, risk and control governance and assessments, secure systems development lifecycle, access controls, regulatory compliance, technology resiliency, incident management, vulnerability management, and data protection
  • Strong project management and execution skills for driving enterprise-wide risk initiatives
  • Experience working with cloud computing environments and respective controls
  • Strong analytical and problem-solving skills
  • Working knowledge of information security and privacy frameworks such as IS0 27001, PCI DSS, CCPA and GDPR
  • Certifications such as CISSP, CISM, CRISC, CISA are preferred


Full-time employees are eligible for our comprehensive benefits program. Our range of benefits include, but are not limited to, Medical/Prescription drug insurance, Dental, Vision, Health Care/Dependent Care Flexible Spending Account, Health Savings Account, Pre-Tax and Roth 401(k), Short and Long-Term Disability Insurance, Life/AD&D Insurance, Commuter Benefits, Student Loan Repayment Program, Educational Assistance & generous paid time off. 


Penguin Random House is the leading adult and children’s publishing house in North America, the United Kingdom and many other regions around the world.  In publishing the best books in every genre and subject for all ages, we are committed to quality, excellence in execution, and innovation throughout the entire publishing process: editorial, design, marketing, publicity, sales, production, and distribution.  Our vibrant and diverse international community of nearly 250 publishing brands and imprints include Ballantine Bantam Dell, Berkley, Clarkson Potter, Crown, DK, Doubleday, Dutton, Grosset & Dunlap, Little Golden Books, Knopf, Modern Library, Pantheon, Penguin Books, Penguin Press, Penguin Random House Audio, Penguin Young Readers, Portfolio, Puffin, Putnam, Random House, Random House Children’s Books, Riverhead, Ten Speed Press, Viking, and Vintage, among others.  More information can be found at
Penguin Random House values the array of talents and perspectives that a diverse workforce brings. All qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status.



Company: Penguin Random House LLC 

Country: United States of America 

State/Region: New York 

City: New York 

Postal Code: 10019 

Job ID: 218943

Date:  Jun 23, 2022

New York, NY, US, 10019

Nearest Major Market: Manhattan
Nearest Secondary Market: New York City

Job Segment: Information Security, Book Publishing, Corporate Security, Compliance, Cloud, Technology, Publishing, Security, Legal

Apply now »