Position | Chief Information Security Officer |
Location | US |
Reporting Manager | |
Shift Timings | 8:00 AM-5:00 PM (EST) |
About the role
The Chief Information Security Officer (CISO) will be responsible for all internal and client-facing security objectives and will strive to ensure that all information assets are properly protected. The CISO will provide a clear vision and direction for information and cybersecurity operations. As CISO, you will be responsible for overseeing a range of technical and process security controls and leading a program of continuous improvement in response to changing security threats and risk while working in consultation and collaboration with colleagues across OculusIT. The role requires a thorough understanding of the technology underpinning IT systems, as well as a broad, up-to-date knowledge of information security frameworks, pertinent regulation and legislation, vulnerability management, incident management and response, cybersecurity operations, and management and governance of information risk.
Key Responsibilities
- Develop and maintain a cybersecurity strategy and operating model
- Define and embed an information security policy framework that addresses the needs of our clients and our service delivery
- Provide advice and direction in the integration of security practices into operational processes
- Drive and deliver change to cybersecurity systems, processes and procedures by continuously analyzing and reviewing new security technologies and practices as informed by industry best practices
- Develop and lead an effective, high-performance information security team, retaining and attracting key talent to ensure continuous improvement in staff competencies, skills and knowledge
- Ensure the resources and budget are managed effectively
- Provide senior leadership and oversight of effective information and cybersecurity risk management, integrated with risk management frameworks
- Ensure that information and cybersecurity risks are identified and managed appropriately
- Develop and maintain an effective information security management system and processes for continual improvement
- Ensure information security is managed effectively throughout the IT service delivery lifecycle
- Lead the development and delivery of measures and metrics to support the assessment, reporting and ongoing improvement of the information security posture
- Define and implement an appropriate information assurance framework for our clients utilizing our CISO services
- Ensure and promote an appropriate level of internal and client-facing information security culture and awareness
Experience
- Substantial experience in IT organizations encompassing service delivery and IT infrastructure
- A track record in the management and delivery of transformational security improvements across an organization
- Proven experience at engaging, influencing and managing stakeholders across departmental and organizational boundaries
- A track record in directing and managing innovative change and continuous improvement, ensuring excellent organizational performance and outcomes across a complex portfolio of responsibilities
- Experienced in leading, developing and motivating a team of subject matter experts
- Proven experience at managing budgets and resources with a track record of identifying and securing approval for business cases for organizational investment in information and cybersecurity
Knowledge & Skills
- An understanding of best practices within information security and risk management
- An understanding of legislation and regulations that impact information security
- An understanding of current and emerging threats and countermeasures and the organizational challenges to addressing these threats
- Practical knowledge of security technologies and wider business solutions including Firewalls, IDS/IPS, Identity and access management, SIEM, remote working and cloud technologies
- A collaborative leader with strategic acumen and problem-solving skills, able to inspire and motivate colleagues
- Demonstrable creativity and a commitment to future-proofing service delivery
- Initiative to lead and drive change
- Excellent written and verbal communication skills
- Ability to build strong relationships and influence decisions with internal and external stakeholders
- A good understanding of project management methodologies and how to implement security within them
- Good analytical skills and the ability to challenge the status quo
- An ability to think and plan strategically and systematically while recognizing the need to deliver to the business requirements
Qualifications
- A four-year degree from an accredited institution, equivalent qualification or experience
- One or more security-specific certifications such as CISSP, CISM, CISA, etc.
- At least 5 years of direct experience