The client, a global derivatives exchange and clearing house, sought to hire a Global Chief Information Security Officer to lead their information security program across six global locations. The recruiter mapped the CISO functions of similar companies in each location and identified the top CISOs, presenting this information to gain agreement on the role requirements. They interviewed 80 priority candidates from an initial pool of 140 over five weeks, shortlisting four candidates for final consideration. An offer was extended but declined, and a second candidate accepted the role in the tenth week of the search.
1. HIRING A GLOBAL CHIEF
INFORMATION SECURITY OFFICER
THE CLIENT: A Global Derivatives Exchange and Clearing House
THE ROLE: Global Chief Information Security Officer
LOCATIONS: Chicago, London, New York, Washington, Singapore & Hong Kong
OUR SUCCESS: Talent Map presented in 3 weeks / Search Delivered in 10 weeks (including 5
weeks of client process)
SITUATION: Our client had an established information security programme with a dedicated team
focused on protecting core and secondary business operations. The team was led by
a traditional IT specialist and the business was keen to upskill the programme and re-
deploy the existing head into a more technical role. The function was owned by the
CIO but worked very closely with both the COO and Global Head of Compliance.
Technical operations sat in Chicago with a team also in Ireland. Due to the need for
the role to be visible with the regulators and government officials, there was also a
need to create a presence in Washington and London. The main clients for this role
were based in New York, Chicago, London and across Asia.
REQUIREMENT: The Managing Director and Chief Information Security Officer is responsible for
establishing, maintaining and improving the corporation’s Information Security
Program including establishing an enterprise wide information security strategy,
adapting relevant frameworks, directing the development of a corporate
CANDIDATE 1 CANDIDATE 2 CANDIDATE 3
Cyber Security
CANDIDATE 4 CANDIDATE 5
Illustration showing the balance of skills for shortlisted candidates
Illustration showing identification process undertaken
Operations
Cyber Security
Cyber Security
Clearing
Operations
Select individuals
against cultured
fit with client
Identify which individuals
led the implementation
of such a programme
Identify which individuals
associated with the
implementation of such
a programme
SHORTLIST
LONDON
CHICAGO
NEW
YORK
W
ASHINGTON
ASIA
Intermediaries
Banks
Exchanges
Airlines
Pharmaceutical
Business Services
Illustration showing the projects focus on both sectors and geographies
companies
k with similar
requirements
hich of these
have recently
d centralised
e functions
R E C R U I T I N G W I T H I N T E G R I T Y
2. information security architecture, conducting risk assessments, ensuring timely
and effective incident response, compliance, reporting on security posture and
providing training and awareness across the organisation.
CHALLENGES: Whilst the role was owned by the CIO, both the operations and compliance
functions had a significant influence on defining the role. With this in mind
the search had to review each of their specific requirements and ensure all
expectations were managed. As this role also had a broad client base, the
interview panel included people from across the entire organisation which created
logistical challenges when managing the process.
THE SOLUTION: In order to gain commitment from across the business, the search began by mapping
the CISO functions across different financial service and commercial environments in
each of the target geographies. During this process we highlighted key figures and
profiled their backgrounds. This was then presented in the form of a map to each
of the stake holders and used to gain an agreement in principal on how the ‘right
person’ would look. Simultaneously we mapped out who the market considered
the top 10 CISO’s to be in each of the key locations. (Chicago, London, New York,
Washington and Asia), and presented this data in the form of league tables.
THE OUTCOME: The complete map comprising of 140 profiles was presented within 3 weeks of
the full brief, from which 80 priority calls were identified. During the following
3 weeks we approached everyone on the list and during weeks 4 and 5 we
conducted interviews. In order to ensure we presented a variety of options we
interviewed at least 4 candidates in each of the agreed locations. All interviews
were carried out by the same consultant in order to maintain continuity.
THE SHORTLIST: Our shortlist was comprised of 3 reports. The
first presented the best candidates against
the brief, irrespective of location; the second
presented the top three in each location and
the third considered the challenges of being
in a particular location and fulfilling the
broader brief. From this the client concluded
that the challenge of delivering this role
from London, Singapore, Hong Kong and
Washington were greater than the benefit of
hiring from one of these regions. Following
this conclusion we defined and presented a
final shortlist of 4 candidates (2 in New York
and 2 in Chicago).
THE PLACEMENT: An offer was made in week 10 of the project. Unfortunately the preferred
candidate received a counter offer and chose to stay in their existing position.
We returned to the original shortlist and within 6 days of the first offer being
rejected, a second offer was made and accepted.
Illustration showing how many candidates were
considered at stages of the recruitment process
127 Candidates Identified
35 Candidates Targeted
13 Candidates
Shortlisted
7 Candidates
Interviewed
Illustration showing how many candidates were
considered at stages of the recruitment process
105 Candidates Identified
20 Candidates Targeted
6 Candidates
Shortlisted
Illustration showing how many candidates were
considered at stages of the recruitment process
140 Candidates Identified
80 Candidates Targeted
4 Candidates
Shortlisted
rivatives
rading
earing
erations
r Security
mmercial
nagement
Commercial
Management
Derivatives
Trading
Clearing
Commercial
Management
Derivatives
Trading
Clearing
Operations
Commercial
Management
Derivatives
Trading
Cyber Security
Derivatives
Trading
Clearing
Operations
R E C R U I T I N G W I T H I N T E G R I T Y