U1 Chief Information Security Officer

Job Position: Chief Information Security Officer (CISO)

Department: Information Technology

Reports to: Chief Information Officer (CIO)

FLSA: Exempt 

Status: Full-time  

Work Location: Silver Spring, MD  

OVERVIEW: 

The Radio One story began simply with a dream and one radio station. Forty years, 13 markets, and 70 stations later, we are an urban media empire, spanning multiple media platforms. We are in your ears with Reach Media/Radio One, on your televisions with TV One, and may even be the name behind your favorite website, with our digital platform Interactive One. Information is power, and our mission here at Radio One, Inc. is simple – to be the most trusted media source in the African American community. At Radio One, we pride ourselves on hiring people who are dedicated and continue to challenge the norm, while embracing a corporate culture built on creativity and passion. We are our employees’ biggest fans, and it is our daily mission to attract, develop, and retain the brightest stars in the business.

The Chief Information Security Officer (CISO) serves as the senior executive accountable for enterprise cybersecurity strategy, risk and financial governance, and operational resilience across Urban One’s media and corporate environments. Reporting to the Chief Information Officer, the CISO partners with executive leadership and the Board of Directors to align cybersecurity priorities with business objectives, safeguard enterprise value, and strengthen organizational resilience. This role provides strategic oversight of cyber risk, the expansion of AI threats, regulatory and compliance exposure, business continuity, and security investment planning, ensuring cybersecurity is embedded as a critical business enabler, a driver of operational trust, and a foundational element of enterprise risk management.

ESSENTIAL RESPONSIBILITIES: 

• Provides strategic guidance and transparency to the Executive Team, Board, and enterprise on cyber risk, resilience, crisis readiness, regulatory exposure, and investment priorities.
• Establishes the enterprise cybersecurity, data protection, and resilience strategy in alignment with business priorities and board-approved risk tolerance.
• Evaluate and prioritize cybersecurity investments, including internal capabilities and 3^rd party services, to improve risk reduction, resilience, and operational effectiveness.
• Deliver clear executive dashboards, metrics, and narratives that support board transparency, enterprise prioritization, and investment decisions.
• Champion a culture of security ownership, accountability, and disciplined decision-making across all divisions, markets, and operating environments.
• Oversee the integration of cyber risk into the enterprise risk and control environment in partnership with Internal Audit, Finance, Legal, and Compliance.
• Oversee compliance and risk coordination with Legal, Finance, Internal Audit, and business leadership across privacy, regulatory, and contractual security requirements.
• Represent the organization with regulators, auditors, insurers, law enforcement, strategic partners, and third-party providers on cybersecurity and resilience matters.
• Partner with the CIO and technology leaders to embed security-by-design into enterprise architecture, modernization, cloud adoption, application delivery, and broadcast operations.
• Provide forward-thinking guidance on preparing and protecting the organization from the fast-paced expansion of AI cybersecurity threats.
• Lead the internal cybersecurity team and key external partners to strengthen detection, response, resilience, and post-incident recovery capabilities.
• Direct the enterprise incident response and cyber crisis management program, ensuring effective executive communication, stakeholder coordination, and lessons-learned follow-through.
• Establish and enhance enterprise security policies, standards, controls, and risk assessment methodologies aligned with recognized frameworks and regulatory obligations.
• Lead the continued maturation of the security program across governance, architecture, security operations, identity, cloud, data protection, vulnerability management, and incident response.
• Periodic travel required

KNOWLEDGE/SKILLS/ABILITIES: 

EDUCATION and/or EXPERIENCE

Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field required; Master’s degree preferred. Minimum 12–15 years of progressive cybersecurity and technology leadership experience, including significant experience leading enterprise security programs in complex, multi-site environments. Demonstrated success advising executive leadership and boards, leading major incident response and crisis management efforts, maturing governance and risk programs, and partnering on secure architecture across cloud, infrastructure, applications, identity, and operational technology or broadcast environments. Relevant certifications such as CISSP, CISM, CRISC, CISA, or equivalent are preferred; advanced study or executive education in cybersecurity, risk management, or digital resilience is a plus.