Chief Information Security Officer - Virtual
Full time | Select Cyber | United States
Posted On 05/02/2019
Job Information
Job Opening ID ZR_48_JOB
City Addison
State/Province Texas
75001
Job Description
Select Cyber has been asked to identify a highly skilled and strategic Information Security leader. The CISO will be a member of the CIO cybersecurity leadership team, working closely with senior business leaders across the organization. In this role you will provide (locally or remotely in a virtual mode) long-range strategy, detailed information security oversight and strategic leadership for this major financial organization. The CISO will lead the development and implementation of a comprehensive information security program, oversee information security Governance, Risk and Compliance as well as critical business priorities.
Requirements
REQUIREMENTS:
- Establish a comprehensive, bank-wide information security strategy to ensure the availability, integrity, and confidentiality of critical information assets.
- Manage policies, standards, and processes designed to protect information assets.
- Work directly with business units to facilitate IT risk assessment and risk management processes, and work with stakeholders throughout the enterprise on identifying acceptable levels of residual risk.
- Establish procedures to address security incidents and partner with executive leadership to investigate and resolve security breaches.
- Stay up to date on regulatory changes, emerging threats and evolving technologies, and implement appropriate control mechanisms and security architecture based on risks within the Bank’s environment.
- Chair a cross-functional committee that drives enterprise information and technology security and risk strategies.
- Work within and support the enterprise Vendor Management Program to support selection, negotiation, and contract management for service level agreements with outside suppliers as required.
- Maintain a risk-based framework to mitigate and monitor third party risk.
- Actively participate in enterprise-wide Business Continuity Planning (BCP), including the establishment and validation of procedures to restore business-critical services in the event of a disaster (i.e., IT Disaster Recovery (DR)).
- Oversee the approval, training, and dissemination of security policies and practices.
- Define and facilitate the information security risk assessment process, including the reporting and oversight of treatment efforts to address findings.
- Liaise with internal and regulatory auditors on cyber security subject matter.
- Define, identify and classify critical information assets, and perform risk analysis on those assets to recommend and participate in implementing cost-effective security solutions.
EXPERIENCE/KNOWLEDGE:
- Minimum of ten (10) years of IT security experience, with at least four (4) being in a senior leadership role.
- Financial Services/Banking/Brokerage industry experience required.
- Strong understanding of strategic business imperatives and the ability to articulate risk in the context of business objectives; deep working knowledge of relevant compliance and regulatory frameworks (e.g., ISO, SOX, ITIL, COBIT) and the Payment Card Industry (PCI) Data Security Standard (DSS).
- Superior theoretical and practical expertise in enterprise and information systems security.
- Professional security management certification as a Certified Information Systems Security Professional (CISSP). Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials are recommended.
- Energy, enthusiasm and the ability to multi-task in a fast-paced, dynamic environment.
- Bachelor's or Master’s degree (or equivalent) required in computer science, management information systems, business administration (or a related discipline).
- Ability to travel to all locations as well as ability to travel overnight, as needed for meetings, projects, seminars, etc.