Chief Information Security Officer (CISO)

About The Position

Requirements

• Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other similar credentials, is desired.
• Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field, or equivalent experience.
• Minimum of eight to ten years of experience in a combination of risk management, information security and IT roles.
• At least three years must be in a leadership role.
• Employment history must demonstrate increasing levels of responsibility.
• Deep understanding of cybersecurity technologies, practices and methodologies, including intrusion detection systems, firewalls, anti-virus software, data encryption and emerging technologies, such as: AI, IoT, cloud computing.
• Expert in application of the NIST and ISO 27001 Risk Management and Cybersecurity Frameworks.
• Poise and ability to act calmly and competently in high-pressure, high-stress situations.
• Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment.
• Must be a critical thinker, with strong analytical and problem-solving skills.
• Knowledge and understanding of relevant legal and regulatory requirements, such as the General Data Protection Regulation (GDPR) and Health Insurance Portability and Accountability Act (HIPAA).
• Project management skills: financial/budget management, scheduling and resource management.
• Must reside in the Dallas/Ft. Worth area.
• Only local applicants will be considered.

Nice To Haves

• Master’s degree in Computer Science, Information Systems, Engineering, Business, or related discipline, or equivalent training/experience (preferred).
• Experience with highly regulated industries such as healthcare, financial services, government, and publicly listed companies.
• Familiarity with securing and operating on public Cloud (AWS, Azure, GCP) providers.

Responsibilities

• Direct and manage information technology strategic plans, programs, and schedules for business and finance data processing, computer services, network communications and management information services.
• Lead the development and management of a comprehensive cybersecurity program, crucial for protecting our company’s assets and infrastructure, while facilitating secure digital transformation.
• Collaborate with individual contributors and business leaders to define business process issues, operational efficiencies, implement creative solutions and measure delivery results.
• Manage the client relationship effectively.
• Identify emerging information technologies to be assimilated, integrated and introduced within the client account.
• Lead and inspire cross-functional, interdisciplinary teams to accomplish both tactical and strategic objectives with a keen focus on achieving business outcomes.
• Manage confidential matters with discretion and maturity.
• Ensure technology deployments are properly implemented, integrated and supported.
• Develop and manage privacy and security awareness training programs for employees.
• Articulate complex cybersecurity concepts to both technical and non-technical audiences.
• Translate security problems to business impact.
• Liaise with the enterprise architecture team to ensure alignment between security and enterprise architectures.
• Ensure that security programs follow relevant laws, regulations, and policies to minimize or eliminate risk and audit findings.
• Conduct continuous risk management.
• Conduct regular security audits, assessments and penetration tests to identify vulnerabilities.
• Establish and administer a privacy and security incident response process and be actively engaged on high priority incidents, including preparation, investigation, response and impacted customer notification and communications.
• Coordinate the use of external resources involved in the information security program, including interviewing, negotiating contracts and fees and managing external resources.
• Facilitate and build upon a whole-of-state approach to cybersecurity.

Benefits

• competitive pay
• performance-based bonuses
• 401K
• health, dental and vision insurance coverage
• paid holidays
• paid time off