Chief Information Security Officer

About the role

The Chief Information Security Officer (CISO) will be responsible for all internal and client-facing security objectives and will strive to  ensure that all information assets are properly protected.  The CISO will provide a clear vision and direction for information and cybersecurity operations.  As CISO, you will be responsible for overseeing a range of technical and process security controls and leading a program of continuous improvement in response to changing security threats and risk while working in consultation and collaboration with colleagues across OculusIT.  The role requires a thorough understanding of the technology underpinning IT systems, as well as a broad, up-to-date knowledge of information security frameworks, pertinent regulation and legislation, vulnerability management, incident management and response, cybersecurity operations, and management and governance of information risk.

Key Responsibilities

  • Develop and maintain a cybersecurity strategy and operating model
  • Define and embed an information security policy framework that addresses the needs of our clients and our service delivery
  • Provide advice and direction in the integration of security practices operational processes
  • Drive and deliver change to cybersecurity systems, processes and procedures by continuously analyzing and reviewing new security technologies and practices as informed by industry best practices
  • Develop and lead an effective, high-performance information security team retaining and attracting key talent to ensure continuous improvement in staff competencies, skills and knowledge
  • Ensure the resources and budget are managed effectively
  • Provide senior leadership and oversight of effective information and cybersecurity risk management, integrated with risk management frameworks
  • Ensure that information and cybersecurity risks are identified and managed appropriately
  • Develop and maintain an effective information security management system and processes for continual improvement
  • Ensure information security is managed effectively throughout the IT service delivery lifecycle
  • Lead the development and delivery of measures and metrics to support the assessment, reporting and ongoing improvement of the information security posture
  • Define and implement an appropriate information assurance framework for our clients utilizing our CISO services
  • Ensure and promote an appropriate level of internal and client-facing information security culture and awareness

Experience

  • Substantial experience in IT organizations encompassing service delivery and IT infrastructure
  • A track record in the management and delivery of transformational security improvements across an organization
  • Proven experience at engaging, influencing and managing stakeholders across departmental and organizational boundaries
  • A track record in directing and managing innovative change and continuous improvement, ensuring excellent organizational performance and outcomes across a complex portfolio of responsibilities
  • Proven experience at managing budgets and resources with a track record of identifying and securing approval for business cases for organizational investment in information and cybersecurity
  • Experienced in leading, developing and motivating a team of subject matter experts

Knowledge & Skills

  • An understanding of best practices within information security and risk management
  • An understanding of legislation and regulations that impact information security
  • An understanding of current and emerging threats and countermeasures and the organizational challenges to addressing these threats
  • Practical knowledge of security technologies and wider business solutions including Firewalls, IDS/IPS, Identity and access management, SIEM, remote working and cloud technologies
  • A collaborative leader with strategic acumen and problem-solving skills, able to inspire and motivate colleagues
  • Demonstrable creativity and a commitment to future-proofing service delivery
  • Initiative to lead and drive change
  • Excellent written and verbal communication skills
  • Ability to build strong relationships and influence decisions with internal and external stakeholders
  • A good understanding of project management methodology and how to implement security within them
  • Good analytical skills and the ability to challenge the status quo
  • An ability to think and plan strategically and systematically while recognizing the need to deliver to the business requirements

Qualifications

  • A four-year degree from an accredited institution, equivalent qualification or experience
  • One or more security-specific certification such as CISSP, CISM, CISA, etc
  • At least 5 years of direct experience

Connect with our security experts at contact@oculusit.com