Senior Information Security Officer

1 day ago Be among the first 25 applicants

Direct message the job poster from SecurIT360

Position: Senior Information Security Officer

Duration: Direct Hire

Location: Remote (Anywhere in the US)

*MUST BE A US CITIZEN*

Company Background

SecurIT360 is a full-service specialized Cybersecurity and Compliance consulting firm that was founded in 2009 with consistent growth year over year.

We are proud to be an independent, vendor-agnostic, technology company focused on developing programs and systems specifically catered to our clients’ needs.

We empower our clients with the advice needed to improve and maintain their security posture.

It is our job to know about the many facets of Cybersecurity and Compliance. It is our goal to uncover the internal security issues that most IT departments do not normally have either the time or manpower to discover, in order to keep our clients ahead of the IT security curve.

We offer services in four primary areas in order to achieve this goal and to help our clients identify risks, proactively prepare, measure present state of security and compliance, 24/7 monitoring for threats, and respond when incidents do occur.

• Assessments & Penetration Testing
• Compliance & Standards
• Managed Services & Program Development

Job Summary

We are seeking a Senior Information Security Officer (ISO) to evaluate, support, and consult on the cybersecurity efforts of multiple clients across various industries. In this role, you will serve as a trusted advisor, responsible for assessing the effectiveness of clients' security programs and controls, identifying gaps, and providing actionable recommendations to enhance their overall cybersecurity posture. You will guide the development and implementation of robust information security strategies, provide tailored training and consulting, as well as support compliance and risk management initiatives. This role requires deep technical knowledge, strong client management skills, and the ability to communicate complex security concepts to both technical and executive audiences..

Requirements

• Serve as the security advisor for multiple clients, maintaining strong relationships with key stakeholders, while understanding client business needs and tailor security recommendations accordingly.
• Communicate complex security issues across various audiences.
• Prepare and present reports, dashboards, and executive summaries outlining security risks, progress, and recommendations.
• Conduct comprehensive reviews of clients' information security programs, policies, and procedures.
• Evaluate the maturity and effectiveness of technical and administrative security controls.
• Perform gap analyses against industry standards (e.g., NIST, ISO 27001, CIS Controls) and regulatory requirements (e.g., HIPAA, GDPR, CMMC).
• Identify and assess cybersecurity risks across client environments.
• Develop risk mitigation strategies and present prioritized recommendations.
• Advise clients on long-term security program development and improvements.
• Assist in the design and implementation of security architectures and frameworks.
• Review, update, and create information security policies, standards, and procedures tailored to client environments.
• Assist clients in developing or enhancing various parts of their overall security program.
• Stay current with evolving threat landscapes, technologies, and best practices.
• Contribute to the continuous improvement of internal methodologies, tools, and templates.
• Limited travel may be necessary for client engagements.

Preferred Experience, Educational Background, and Skills

• Minimum of 6–8 years of progressive experience in information security, including 2–4 years in a senior or advisory role
• Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field preferred.
• Proven experience managing or assessing multiple clients or business units in a consulting or MSSP environment.
• Familiarity with various regulatory requirements such as HIPAA, ISO27001, PCI-DSS, SOC2, GDPR, NIST, CMMC, etc.

At least one or more higher level ISC2 or ISACA certification(s) desired, such as:

• Certified Information Systems Security Professional (CISSP)
• Certified Information Systems Auditor (CISA)
• Certified in Risk and Information Systems Control (CRISC)
• Certified Cloud Security Professional (CCSP)

Qualities and Aptitudes

• Experience in developing and implementing security policies, procedures, and awareness training programs including a deep understanding of information security principles, technologies, and best practices.
• Organized and capable of managing time effectively.
• Able to work independently and exercise sound judgment.
• Ability to effectively communicate with staff at all levels.
• Ability to manage multiple priorities, frequently under stressful deadlines.

• Seniority level
  Mid-Senior level

• Employment type
  Full-time

• Job function
  Information Technology
• Industries
  Computer and Network Security and Information Services

Referrals increase your chances of interviewing at SecurIT360 by 2x

Medical insurance

Vision insurance

401(k)

Disability insurance

Get notified when a new job is posted.

United States $121,000.00-$140,000.00 4 days ago

United States $170,000.00-$220,000.00 1 week ago

United States $253,895.00-$298,700.00 5 days ago

Gaithersburg, MD $110,000.00-$125,000.00 1 week ago

United States $270,000.00-$320,000.00 1 week ago

United States $160,000.00-$180,000.00 2 days ago

Phoenix, AZ $149,000.00-$165,000.00 1 week ago

United States $80,000.00-$128,000.00 1 week ago

Washington, DC $105,100.00-$231,100.00 12 months ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.