The Howard Hughes name is synonymous with an unrelenting passion for excellence. While his achievements in aviation and the silver screen are legendary, it was his investments in real estate that formed the foundation of our company. With passion, determination, and limitless imagination, he built one of the great American empires of the 20th century. At Howard Hughes, we live by our purpose to help people discover new ways of experiencing life - because it's not just buildings and places that matter, it's what you do with them that can change the way people live.

We aspire to be the most creatively driven real estate company in the world and we believe in fostering a culture that is built to last by cultivating curiosity and empowering every employee to find their story in this great organization.

• Develop and lead the execution of the information security strategy, aligning it with the overall business objectives.
  
• Define and communicate security policies, procedures, and standards across the organization
  
• Continuously monitor industry trends and emerging threats to adjust the security strategy as needed.
  
• Provide guidance to the executive leadership team and Board of Directors on comprehensive cybersecurity strategies and recommended actions.
  
• Provide regular updates on the status of the IT cybersecurity program to Executive Leadership and the Board of Directors.
  

• Identify, assess, and prioritize security risks and vulnerabilities.
  
• Implement risk mitigation strategies and security controls to safeguard the organization's assets.
  
• Monitor and provide real-time analysis and mitigation of security threats.
  

• Establish and maintain an robust security governance framework.
  
• Oversee compliance with relevant frameworks and regulatory requirements (e.g., GDPR, ISO 27001, NIST, etc.).
  
• Ensure compliance with legal and ethical standards in information cybersecurity practices across the organization.
  

• Develop and maintain a comprehensive incident response plan to address security events.
  

• Lead incident response efforts, coordinate with external resources, and oversee recovery and remediation efforts.
  

• Lead the security operations in monitoring, detecting, and responding to security incidents and threats.
  
• Manage and maintain security technologies such as intrusion detection systems, firewalls, and endpoint security solutions.
  
• Develop and administer security awareness programs for company personnel to ensure that we are well-informed about security policies and best practices.
  
• Conduct regular security assessments, vulnerability scans, and penetration testing to identify and remediate weaknesses in the organization's technology environment.
  

• Continuously evaluate the security posture of third-party vendors and service providers.
  
• Collaborate with Legal and Procurement teams to ensure that cybersecurity requirements are included in contracts and agreements with external parties.
  

• Develop and manage the information security budget, organization structure including staff and vendor cybersecurity organizations, cyber security technology stack, and training resources.
  
• Ensure the efficient use of allocated resources to meet security objectives.
  

• Assists in reporting to the most senior levels of the Company (Executive Team, the Board of Directors, and subcommittees). Reporting to include the Company's overall cyber strategy, cyber related metrics, industry updates, risk mitigation and the status on other cyber related initiatives.
  

• Bachelor's degree in computer science, information technology, or a related field. Master's degree preferred.
  
• Certified Information Systems Security Professional (CISSP) or equivalent certification.
  
• Over 10 years of experience in information security, including a minimum of 5 years in a senior leadership role.
  
• In-depth knowledge of cybersecurity principles, technologies, and best practices.
  
• Strong understanding of regulatory requirements and compliance standards.
  
• Excellent communication and leadership skills.
  
• Proven ability to build and lead a high-performing cybersecurity team.
  
• Excellent interpersonal, verbal, and written communication skills.
  
• Ability to present complex information to all levels of the organization.
  
• Capability to operate in a dynamic work environment with competing priorities.
  
• A team oriented individual who can multi-task and is self-directed.
  
• Demonstrates sound judgment in decision-making when not all information is available.
  
• Strong problem-solving and critical thinking abilities.
  
• Onsite presence required Mon-Thurs.