Deputy Chief Information Security Officer

About The Position

Requirements

• Bachelor's Degree Information Systems
• Bachelor's Degree Business
• Bachelor's Degree Computer sciences
• 5-7 years experience in risk management and information security fields required
• Strong written and verbal communication skills across all levels of the organization.
• Ability to effectively manage stress in a constantly changing environment.
• Driven to build a strong, cohesive team and positive enterprise-wide security culture.
• Proven high level of integrity, trustworthiness and confidence, as well as ability to represent the company and security leadership with the highest level of professionalism.
• Strategic vision and ability to influence others.
• Strong project management and organizational skills.
• Ability to work effectively with diverse teams and varying personalities, and adapt management style to effectively reach and develop the team.
• Ability to gain and preserve credibility with the team through sustained industry knowledge.
• Ability to motivate the team to achieve excellence, while giving credit and recognition where it is due.

Nice To Haves

• Master's Degree Information Systems preferre
• Master's Degree Business preferred
• Master's Degree Computer sciences preferred
• Certified Information Systems Security Professional - International Information System Security Certification Consortium preferred
• Certified Information Security Manager - Information Systems Audit and Control Association preferred
• Certified in Healthcare Privacy & Security (CHPS) American Health Information Management Association preferred

Responsibilities

• Works closely with security leadership overseeing security operations, incident response, application security and infrastructure.
• Actively informed and engaged in daily security operations.
• Enforces a strong security culture, ensuring uniformity across security leadership, business units and Associates.
• Fosters strong relationships with internal business units and external entities to maintain a strong network.
• In tandem with the VP/CISO, manages the security budget and additional fiduciary responsibilities.
• Advises on enterprise-wide people, process and technology security recommendations.
• Maintains an up-to-date level of knowledge relating to security threats, vulnerabilities and mitigations set forth to reduce the corporate attack surface.
• Ensures security projects are delivered on time and within budget.
• Implements a continuous vulnerability assessment and exposure analysis process and aligns technical teams to address a timeline for remediation and validation across applications and infrastructure.
• Sponsors vendor and technology solution selection, as well as third-party consulting services as needed.
• Requires and supports independent verification and validation testing of the company networks and data protection through internal team resources and independent consulting engagements.
• In conjunction with security leadership, defines key performance indicators (KPIs) and metrics aligning with business initiatives and delivers to non-technical teams in terms that are readily comprehensible.
• Provides motivation to security teams and Associates to maximize rigorous system security controls.
• Removes complexities and obstacles that hinder efficient security controls enterprise-wide.
• Builds relationships with technical and compliance teams to deliver security-by-design controls that are incorporated into projects, architecture, infrastructure and applications.
• Works closely with operational risk, compliance, legal and audit teams.
• Stays abreast of new laws, regulations and standards, and assesses their impacts to the business.
• Verifies security content training initiatives, as well as internal and external communication are conducted regularly.
• Oversees testing and validation of security controls across projects.
• Openly supports the VP/CISO, management team and executive leadership, even during tumultuous times.