Our client, a Professional Services Company, is seeking a remote Chief Information Security Officer to join their growing team.
The Chief Information Security Officer (CISO) will be responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected.
This role involves overseeing the development and implementation of security policies, protocols, and procedures to safeguard the company's data, intellectual property, and systems from cyber threats.
The CISO will work closely with executive & senior management, IT teams, and other stakeholders to align security initiatives with business objectives and regulatory requirements.
Job Requirements :
- Oversee the vulnerability management program for the organization. This includes vulnerability scanning as well as remediation.
- Develop and implement a comprehensive information security strategy and roadmap aligned with the company's business objectives and regulatory requirements.
- Lead the creation and enforcement of security policies, standards, and guidelines to protect sensitive information and technology infrastructure.
- Establish governance frameworks for information security risk management, compliance, and incident response.
- Conduct regular risk assessments and vulnerability analyses to identify and mitigate potential security threats.
- Oversee the development and execution of risk management plans, including disaster recovery and business continuity strategies.
- Collaborate with the legal and compliance teams to ensure the company's adherence to industry regulations, such as FTC safeguards ACT, NY DFS, and other relevant standards.
- Manage and lead a team of security professionals, including security analysts, engineers, and incident responders.
- Oversee the day-to-day monitoring of security events and the management of security tools and technologies.
- Coordinate incident response efforts, including investigation, containment, and recovery from security breaches or incidents.
- Act as a liaison between the security team and other departments, fostering a culture of security awareness across the organization.
- Provide regular updates to the executive team on the status of the security program, including metrics, threats, and incident reports.
- Collaborate with external partners, vendors, and law enforcement agencies as necessary to enhance security measures and respond to incidents.
- Stay current with emerging security technologies and industry trends, assessing their applicability to the company's needs.
- Drive continuous improvement of the company's security posture through innovative approaches and best practices.
- Collaborate with training teams to drive security training and awareness initiatives for employees and partners.
- Performs other related duties as assigned
- This position has direct reports and has manager responsibilities. Manages staff and carries out supervisory responsibilities in accordance with the organization's policies and applicable laws.
- Responsibilities include interviewing, hiring, and training employees; planning, assigning, and directing work; appraising performance;
rewarding and disciplining employees; addressing complaints and resolving problems.
Qualifications :
- Bachelor's degree in Information Security, Computer Science, or a related field. A master's degree is preferred.
- A minimum of 10 years of experience in information security, with at least 5 years in a senior leadership role, preferably within the mortgage technology or financial services industry.
- Relevant certifications such as CISSP, CISM, CISA, or similar
- Proven track record in developing and implementing comprehensive security programs and strategies.
- Strong knowledge of information security frameworks, standards, and regulations (e.g., ISO 27001, NIST, FTC Safeguards ACT, NY DFS).
- Excellent leadership, communication, and interpersonal skills
- Ability to think strategically and act tactically, with strong problem-solving and decision-making capabilities.