At Genworth, we empower families to navigate the aging journey with confidence. We are compassionate, experienced allies for those navigating care with guidance, products, and services that meet families where they are. Further, we are the spouses, children, siblings, friends, and neighbors of those that need care—and we bring those experiences with us to work in serving our millions of policyholders each day.
We apply that same compassion and empathy as we work with each other and our local communities. Genworth values all perspectives, characteristics, and experiences so that employees can bring their full, authentic selves to work to help each other and our company succeed. We celebrate our diversity and understand that being intentional about inclusion is the only way to create a sense of belonging for all associates. We also invest in the vitality of our local communities through grants from the Genworth Foundation, event sponsorships, and employee volunteerism.
Our four values guide our strategy, our decisions, and our interactions:
Make it human. We care about the people that make up our customers, colleagues, and communities.
Make it about others. We do what's best for our customers and collaborate to drive progress.
Make it happen. We work with intention toward a common purpose and forge ways forward together.
Make it better. We create fulfilling purpose-driven careers by learning from the world and each other.
TITLE
Chief Information Security Officer
POSITION LOCATION
Richmond, VA, Raleigh, NC or New York, NY.
SUMMARY
The Chief Information Security Officer (CISO) is a business‑critical executive role responsible for safeguarding Genworth and CareScout’s information assets, technology, and digital ecosystem while enabling enterprise strategy and growth. The CISO sets the vision and direction for information security and cyber risk management, ensuring security is embedded into how the company operates, innovates, and serves customers.
The CISO is a trusted enterprise leader with strong judgment, influence in a complex organization, and the ability to translate cybersecurity and technology risk into clear, business‑relevant decisions. This role advances a forward‑looking cybersecurity agenda aligned with Genworth’s business objectives, regulatory obligations, and evolving threat landscape. The CISO reports to the Chief Risk Officer and partners closely with executive leadership and the Board of Directors.
RESPONSIBILITIES
Enterprise Security Strategy & Risk Leadership
• Establish and execute an enterprise information security strategy and operating model aligned with business objectives and risk appetite.
• Continuously assess and strengthen Genworth’s cyber and technology risk posture in support of enterprise resilience and growth.
• Define short‑ and long‑term cybersecurity goals, success measures, and investment priorities aligned to business strategy.
• Define and operationalize a shared accountability model for cybersecurity risk, ensuring clear decision rights across the CISO, CIO, and technology/service owners.
• Ensure security is embedded early in technology strategy, roadmaps, and delivery, with integrated planning across engineering, infrastructure, and application teams.
• Drive consistency and scale in control execution, reducing late-stage rework, fragmentation, and reliance on exception-based decisioning.
Governance, Policy & Regulatory Engagement
• Own enterprise information security governance, policies, standards, and controls.
• Lead regulatory engagement related to cybersecurity and represent the enterprise in examinations and audits.
• Oversee internal and external IT compliance efforts and remediation activities.
Executive, Board & Stakeholder Partnership
• Serve as a strategic advisor to executive leadership and the Board of Directors on cyber risk, threat trends, and program effectiveness.
• Own Board‑level cybersecurity governance, including regular reporting on cyber risk posture, material threats, incidents, and progress against enterprise risk tolerance.
• Communicate cyber risk in a decision-ready format, clearly articulating recommendations, tradeoffs, risk levels, and required actions, enabling timely and informed leadership decisions.
Cyber Operations, Threat Management & Crisis Leadership
• Provide executive oversight of security operations, vulnerability management, incident response, and crisis management.
• Lead enterprise response efforts during cybersecurity incidents, ensuring decisiveness, transparency, and cross‑functional coordination.
• Stay ahead of emerging threats, technologies, and industry trends to proactively adapt security capabilities.
Culture, Talent & Influence
• Lead, develop, and inspire a high‑performing information security organization.
• Champion a culture of security awareness, accountability, ethical behavior, and continuous improvement across the enterprise.
• Build trust‑based relationships with internal and external stakeholders to influence outcomes in complex and high‑stakes environments.
EXPERIENCE
The ideal candidate is a seasoned cybersecurity and risk executive with deep business acumen and a demonstrated track record of leading enterprise‑scale security, resilience, and risk management programs. The CISO will possess the following experience and capabilities:
Enterprise Cybersecurity Strategy & Risk Leadership
• Proven success establishing and executing an enterprise information security strategy aligned with business objectives and risk appetite.
• Demonstrated ability to translate complex cyber and technology risks into clear, actionable insights for executive leadership and the Board of Directors.
• Experience leading enterprise cybersecurity programs within large, complex, and highly regulated organizations.
Cyber Operations, Threat Management & Resilience
• Experience overseeing enterprise security operations, including vulnerability management, monitoring, incident response, and crisis management.
• Advanced understanding of current and emerging cyber threats and vulnerabilities, with the ability to adapt security capabilities proactively.
• Experience leading enterprise response efforts during significant cybersecurity incidents or operational disruptions.
• Ability to frame cyber risk in financial and business impact terms to inform investment, insurance, and risk tradeoff decisions.
Governance, Regulatory & Compliance Leadership
• Demonstrated expertise in information security governance, regulatory compliance, data privacy, and enterprise control frameworks.
• Experience leading internal and external IT audits and managing remediation efforts.
• Proven ability to partner effectively with regulators and external oversight bodies.
Technology & Third‑Party Ecosystem
• Broad technology experience spanning applications, infrastructure, cloud computing, and virtualized environments.
• Experience managing vendor and third‑party risk, including managed security services and contract negotiations.
• Strong understanding of how technology solutions protect enterprise data, systems, and networks at scale.
• Experience protecting highly sensitive policyholder, financial, and health‑related information in regulated environments.
Leadership & Experience
• 15+ years of progressive experience across cybersecurity, technology, and risk disciplines, including 10+ years in senior leadership roles with accountability for enterprise‑wide outcomes.
• Proven ability to build, lead, and develop high‑performing security teams with measurable impact.
• Experience leading through complexity and change with strong judgment, learning agility, and a human‑centered leadership approach.
COMPETENCIES
Results‑Focused Execution
• Applies disciplined judgment to balance risk, speed, and opportunity in decision making.
• Establishes clear direction, priorities, and measurable outcomes aligned to enterprise strategy.
• Demonstrates unwavering integrity and discretion when handling sensitive and confidential information.
• Adapts quickly to changing conditions and leads effectively through ambiguity.
Stakeholder Engagement & Executive Presence
• Communicates with clarity, transparency, and confidence across all levels of the organization.
• Effectively conveys complex and sensitive risk topics to executives, regulators, and the Board.
• Models an inclusive, values‑based leadership approach that reinforces trust and credibility.
Relationship Building & Influence
• Navigates complex organizational dynamics with emotional intelligence and sound judgment.
• Influences outcomes through trust, insight, and constructively challenging perspectives.
• Maintains a tough‑minded yet collaborative approach in high‑stakes discussions.
People Leadership
• Empowers and develops diverse talent, with a strong commitment to succession and capability building.
• Provides timely, candid, and constructive feedback that drives performance and growth.
• Remains calm, decisive, and steady under pressure, particularly during crisis situations.
Employee Benefits & Well-Being
Genworth employees make a difference in people’s lives every day. We’re committed to making a difference in our employees’ lives.
- Competitive Compensation & Total Rewards Incentives
- Comprehensive Healthcare Coverage
- Multiple 401(k) Savings Plan Options
- Auto Enrollment in Employer-Directed Retirement Account Feature (100% employer-funded!)
- Generous Paid Time Off – Including 12 Paid Holidays, Volunteer Time Off and Paid Family Leave
- Disability, Life, and Long Term Care Insurance
- Tuition Reimbursement, Student Loan Repayment and Training & Certification Support
- Wellness support including gym membership reimbursement and Employee Assistance Program resources (work/life support, financial & legal management)
- Caregiver and Mental Health Support Services
