This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
Baker Tilly Advisory Group, LP - Minneapolis, MN
posted about 2 months ago
About the position
Baker Tilly is seeking a Chief Information Security Officer (CISO) to develop and implement an enterprise-wide cybersecurity strategy. This newly created role will be part of the executive team, responsible for protecting the organization's digital assets and ensuring compliance with regulatory standards. The CISO will lead the information security function, assess cybersecurity risks, and align security initiatives with business goals while collaborating with key stakeholders.
Responsibilities
- Develop, implement, and maintain a comprehensive cybersecurity strategy that supports business objectives and reduces risk.
- Serve as the executive leader responsible for information security, guiding senior leadership on cybersecurity issues, governance, and risk management.
- Lead the security incident response program, including planning, detection, response, and recovery to cyber threats.
- Identify, assess, and mitigate security risks to the organization's information systems and data.
- Lead the cybersecurity operations committee, providing input into the enterprise risk management process.
- Inform the risk committee and board of directors on cybersecurity risks, initiatives, and material incidents.
- Measure and maintain compliance with relevant regulations, standards, and legal requirements (e.g., GDPR, HIPAA, SOX, PCI-DSS).
- Collaborate with legal, privacy, audit, information technology, compliance, and other teams to ensure alignment between security practices and regulatory expectations.
- Oversee the day-to-day operations of the information security team, including monitoring, threat intelligence, incident response, and vulnerability management.
- Ensure the continuous improvement of security tools, technologies, and processes.
- Manage and oversee risk assessments, penetration testing, red teaming, and audits to validate the organization's security posture.
- Collaborate with IT and engineering teams to integrate security into all system designs and software development lifecycles.
- Build and lead a high-performing information security team, fostering a culture of accountability and innovation.
- Act as the spokesperson for cybersecurity within the organization, ensuring clear communication with executive leadership and employees.
- Select and manage security technology vendors and third-party service providers.
Requirements
- Bachelor's degree in information technology, computer science, cybersecurity, privacy, or related field.
- 10+ years of experience in cybersecurity, including at least 3 years as a chief information security officer.
- Strong understanding of risk management, cybersecurity governance, and regulatory compliance.
- Proven experience with incident response, disaster recovery, and business continuity planning.
- Prior experience leading an organization through a significant security incident and associated recovery.
- Expertise in security technologies, including cloud, data security, monitoring, and identity/access management.
- Excellent communication and presentation skills, with the ability to convey complex security issues to non-technical stakeholders.
- Significant experience working with business leaders and board directors on cybersecurity matters.
