WHO WE ARE

Revantage is a Blackstone Company that provides a highly skilled employee base, best-in-class processes, and state-of-the-art technology to multiple Blackstone real estate portfolio companies. Sectors include Hospitality, Industrial, Multi-Family, Office, Retail, Senior Housing, and Manufactured Homes.

Revantage, headquartered in Chicago, is one of three global offices that includes Revantage Asia and Revantage Europe.

WHAT WE VALUE: OUR CULTURE

Creating a culture that inspires change and momentum requires the right team. We know what it takes to lead an industry, and are looking for leaders who seek constant growth, want to excel, and continuously improve upon themselves and the industry. The culture at Revantage is built on our shared core values and commitment to be:

• Achievers – We expect high standards for ourselves and enable the success of our teams
• Enthusiasts – We face challenges with optimism and believe anything is possible
• Leaders – We commit to continuously improving our performance
• Learners – We learn from our challenges and successes
• Partners – We deliver value and positive impact to our partners

WHY THIS ROLE IS VALUABLE

The deputy chief information security officer (CISO) reports to the CISO and is responsible for day-to-day operations to support and augment the CISO's overall responsibilities. The Deputy CISO is an advanced role in supporting the entire cybersecurity program. This individual provides leadership, executive support, strategic and tactical guidance, and complete execution for a world-class cybersecurity program supporting global enterprise security initiatives. As directed by the CISO, the deputy CISO supports and reports on strategic planning and execution of enterprise security systems, applications, and operations. As a business enabler, the deputy CISO ensures business decisions are not obstructed by cybersecurity but instead are made using sound security principles and supporting corporate security policies and plans. The deputy CISO will lead an adaptable and secure business-supporting cybersecurity team, in addition to influencing and executing with technical team members such as software developers, system engineers, cybersecurity engineers and systems administrators.

HOW YOU ADD VALUE

• Acts as the CISO representative when the CISO is not available, including making decisions usually made by the CISO.
• Act as a trusted point of contact for the chief information officer (CIO), chief technical officer (CTO) at PortCos, chief risk officer (CRO), security management, and business units.
• Work closely with security leadership overseeing security operations, incident response, application security, and infrastructure.
• Be actively informed and engaged in daily security operations.
• Understand and be involved in cyber incident response, disaster recovery, and business continuity planning, testing, and validation.
• Provide mentoring to security leadership as needed to support people-first leadership principles.
• Enforce a strong security culture set forth by the CISO, ensuring uniformity across security leadership, business units, and employees.
• Foster strong relationships with internal business units and external entities to maintain a strong network.
• Require security leadership and teams to consistently learn and share advanced knowledge and practices that promote excellence.
• In tandem with the CISO, manage the security budget and additional fiduciary responsibilities.
• Advise on enterprise-wide people, process, and technology security recommendations.
• Maintain an up-to-date level of knowledge relating to security threats, vulnerabilities, and mitigations set forth to reduce the corporate attack surface.
• Ensure security projects are delivered on time and within budget.
• Implement a continuous vulnerability assessment and exposure analysis process and align technical teams to address a timeline for remediation and validation across applications and infrastructure.
• Sponsor vendor and technology solution selection, as well as third-party consulting services as needed.
• Require and support independent verification and validation testing of the company networks and data protection through internal team resources and independent consulting engagements.
• In conjunction with security leadership, define key performance indicators (KPIs) and metrics aligning with business initiatives and deliver to non-technical teams in terms that are readily comprehensible.
• Provide the motivation to security teams and employees to maximize rigorous system security controls.
• Remove complexity and obstacles that hinder efficient security controls enterprise-wide.
• Build relationships with technical and compliance teams to deliver security-by-design controls that are incorporated into projects, architecture, infrastructure, and applications.
• Work closely with operational risk, compliance, legal and audit teams.
• Stay abreast of new laws, regulations, and standards, and assess their impacts on the business.
• Verify security content training initiatives, as well as internal and external communication, are conducted regularly.
• Oversee testing and validation of security controls across projects.
• Openly support the CISO, management team, and executive leadership, even during tumultuous times.
• Perform other duties as assigned.

WHAT YOU BRING TO THE ROLE

Required:

• A Player/Coach; Mentor; Team Builder who thrives in dynamic & federated environments
• At least 5+ years' cybersecurity management experience with at least 8+ years in an operationally focused security practitioner role.
• At least 3 years' hands-on experience with building and managing security programs, including but not necessarily limited to: IAM/PAM, SETA, Active Threat Hunting, Vulnerability Management, TPVRM, Insider Threat/DLP, AppDevSec, Security Architecture, Privacy & Compliance, and Incident Response
• At least 3 years' experience working with business leaders and with some fiscal responsibilities.
• Strong written and verbal communication skills across all levels of the organization.
• Ability to effectively manage stress in a constantly changing environment.
• Driven to build a strong, cohesive team and positive enterprise-wide security culture.
• Proven high level of integrity, trustworthiness, and confidence, as well as the ability to represent the company and security leadership with the highest level of professionalism.
• Strategic vision and ability to influence others.
• Strong project management and organizational skills.
• Ability to work effectively with diverse teams and varying personalities and adapt management style to effectively reach and develop the team.
• Ability to gain and preserve credibility with the team through sustained industry knowledge.
• Ability to motivate the team to achieve excellence while giving credit and recognition where it is due.
• Applicable knowledge of the EU's General Data Protection Regulation (GDPR), National Institute of Technology (NIST) standards, California Consumer Privacy Act (CCPA), International Standards Organization (ISO) standards, Health Information Portability and Accountability Act (HIPAA), New York Department of Financial Services (NYDFS) regulations and frameworks, etc.
• Demonstrated understanding and comprehension of a wide range of cybersecurity solutions.
• Proven trustworthiness and history of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating well.
• Self-starter requiring minimal supervision.
• Excellence in communicating privacy, business risk and remediation requirements from assessments.
• Analytical and problem-solving mindset.
• Highly organized and efficient.
• Demonstrated strategic and tactical thinking, along with decision-making skills and business acumen.

Preferred:

• Bachelor's degree in business administration, information assurance or related technical field.
• Experience with Security in a shared services/consultative environment with multiple disparate customer bases
• Experience in the commercial real estate sector
• Hands-on experience with Obsidian, Cylance, Absolute, IntSights, ZScaler, MS Sentinel, MS Defender, and InfoBlox
• Holds or working toward one or more security certifications including: C-CISO, CIPP, and/or CISSP

PERKS FOR YOU

• Competitive salary, overall compensation, and 401(k)
• Work-life balance offerings include:
  • Hybrid remote work policy
  • Productivity Hours – weekly meeting-free work time
  • Weekly Summer Fridays
• In-house and external learning & development opportunities
• Generous health insurance and wellness benefits

EEO Statement

Our company is proud to be an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Our employment decisions are based on individual qualifications, job requirements and business needs without regard to race, color, marital status, sex, sexual orientation, gender identity and/or expression, age, religion, disability, citizenship status, national origin, pregnancy, veteran status and/or any other legally protected characteristics. We are committed to providing reasonable accommodations, if you need an accommodation to complete the application process, please email talent@revantage.com.

#LI-JA1