Wanna be responsible for IT security for an entire organization? Well here’s your chance! It looks like a great opportunity for a very experienced infosec professional interested in a managerial or business leadership position. The opportunity requires 15-20 years of experience in a security role and someone who knows network security architecture and infrastructure.
And don’t forget … if your organization is interested in posting their career opportunities here, head on over to our Job Board page for all the details. Well anyway … on to the job post.
A client of CSO Security Risk is seeking a Chief Security Officer (CSO) who will be responsible for directing activities of the corporate security function and operational risk management to enhance the value of the company and brand. The successful candidate will work closely with the VP of Infrastructure and Operations to manage security functions related to corporate information systems and data centers.
The CSO will oversee a network of employees and vendors who safeguard the company’s assets, intellectual property and computer systems. Physical protection responsibilities will include physical safety of employees and visitors, asset protection, workplace violence prevention, access control systems, video surveillance, and more. Information protection responsibilities will include firewalls, network security architecture and infrastructure, network access and monitoring policies, employee education and awareness, and more. This person must be able to develop and implement flexible security solutions, dictated by the needs of a hybrid and rapidly evolving decentralized business environment.
Roles & Functions
- Work closely with corporate executives, business managers, audit and legal counsel to understand corporate requirements related to security and regulatory compliance, and to map those requirements to current security projects
- Manage the development and implementation of global policies, processes, and guidelines related to corporate security strategy and associated architecture and engineering standards to ensure ongoing maintenance of security
- Oversee the continuous monitoring and protection of facilities, personnel and information systems. Evaluate suspected security breaches and recommend corrective actions (including incidents involving outside vendors)
- Define and implement an ongoing Risk Assessment program, which will define, identify, and classify critical assets, assess threats and vulnerabilities regarding those assets, and implement safeguard recommendations
- Assist internal audits in the development of appropriate criteria needed to assess the level of new/existing applications and/or technology infrastructure elements for compliance with enterprise security standards
- Establish and monitor formal certification programs regarding enterprise security standards relating to the planned acquisition and/or procurement of new applications or technologies
- Assist in the review of applications and/or technology environments during the development or acquisitions process to (a) assure compliance with corporate security policies and directions and (b) assist in the overall integration process regarding the company’s own technology environment
- Oversee the development of, and be the enterprise champion of, a corporate security awareness and training program
- At least 15-20 years of experience in a security role, with proven leadership experience in enterprise security
- Must have experience in a managed healthcare/HIPAA compliant company
- Must be an intelligent, articulate and persuasive leader who can serve as an effective member of the senior management team
- Able to communicate security-related concepts to a broad range of technical and non-technical staff
- Should have experience with business continuity planning, auditing, and risk management, as well as contract and vendor negotiation
- Must have strong working knowledge of pertinent law and the law enforcement community
- Must have a solid understanding of information technology and information security
- Must be an excellent public speaker who can interface effectively with external customers
- Must be a results-oriented person who can achieve tangible improvements in the corporate security arena
- Excellent technical and communications skills are a must+
For additional details and contact information on how to apply for this position, please head over to the posting on CSO Online.