Chief Information Security Officer

BlueVoyant, College Park, MD
Remote

About The Position

BlueVoyant is looking for a Chief Information Security Officer to drive the success of our security and risk management offerings. The CISO will enable the company to reach this objective by developing and implementing the security strategy and practices to be followed across the enterprise. The CISO will be engaged in all aspects of corporate and product-focused operational security to both defend the organization and enable positive customer outcomes. This work will include internal reviews, compliance certifications, and incident response actions. The CISO is expected to lead an internal team of IT and Security professionals to deliver on these objectives. The individual will also be part of the C-suite team reporting to the CEO and the General Counsel while working directly with the CTO and internal business line leaders. The role has global responsibility, and may be performed remotely, with periodic travel to BlueVoyant’s New York, NY headquarters.

Requirements

  • Strong understanding of cybersecurity principles, frameworks, and technologies, including but not limited to NIST, ISO, CIS Controls, SIEM, IDS/IPS, DLP, encryption, and commercial cloud security.
  • Excellent leadership, communication, and interpersonal skills, with the ability to collaborate effectively across departments and influence stakeholders at all levels of the organization.
  • Strong analytical and problem-solving skills, with the ability to make risk-based decisions in a fast-paced environment.
  • Proven ability to lead and develop a diverse team of cybersecurity professionals.
  • Ability to quickly acclimate and confidently assert Information Security leadership in a fast-paced and rapidly changing environment.
  • Advanced degree from a recognized university in Computer Science, Information Technology, or a related field.
  • Minimum of 10 years of progressive cybersecurity experience, including at least 5 years in senior leadership roles, with a track record of successfully implementing and managing cybersecurity programs.

Nice To Haves

  • Experience in regulated industries (e.g., healthcare, finance, government) and familiarity with applicable regulations (e.g., HIPAA, GDPR, SOX) are a plus.
  • Industry certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.

Responsibilities

  • Lead BlueVoyant’s internal IT and Security Operations teams to deliver secure and successful business outcomes.
  • Develop and implement BlueVoyant’s information security strategy and roadmap by building a robust security architecture and policies based on business needs, risk assessments, and regulatory requirements.
  • Establish and maintain enterprise security policies, standards, and procedures aligned with business objectives and industry best practices.
  • Continually assess emerging security threats and adjust security strategies accordingly.
  • Identify, evaluate, and prioritize security risks across the organization.
  • Develop and maintain a risk management framework to mitigate risks effectively.
  • Manage the risk management program through planning, developing, coordinating, and implementing information technology disaster recovery and business continuity planning.
  • Oversee the design, implementation, and maintenance of security controls, technologies, and processes.
  • Coordinate incident response activities and lead efforts to mitigate security incidents.
  • Conduct regular security assessments and audits to ensure compliance and effectiveness.
  • Help ensure compliance with relevant laws, regulations, and industry standards (e.g., GDPR, HIPAA, ISO 27001).
  • Establish and maintain governance structures to support effective information security management.
  • Develop and deliver security awareness programs to educate employees about their roles and responsibilities in maintaining security.
  • Liaise with internal and external auditors and regulators in reviewing special investigations results, internal audits, research studies, forecasts, and modelling exercises to provide direction and guidance.
  • Develop and mentor the next generation of cybersecurity professionals.