Sherlock Tech Staffing - Boca Raton, FL

posted about 1 month ago

Full-time - Senior
Boca Raton, FL

About the position

The Chief Information Security Officer (CISO) position at a leading IT company in Boca Raton, Florida, is a full-time, permanent role that requires a highly skilled individual to oversee the organization's information security and privacy programs. The CISO will manage a small team of Security Analysts and will be responsible for maintaining a consolidated privacy and security program that aligns with various compliance mandates, including PCI DSS, HIPAA, and other relevant privacy laws. This role is critical in ensuring that the company's technology and security programs are compliant with industry standards and regulations.

The ideal candidate will possess a strong background in Information Security, Privacy, and Compliance, with significant experience in Risk Management, Compliance Management, Data Protection, and Privacy Governance. The CISO will work closely with various technical groups and critical infrastructure to develop effective analysis capabilities aimed at protecting the organization from cyber threats and attacks. This position requires strong communication skills to effectively report to the CTO and other corporate officers regarding the status of the security and privacy program.

In addition to managing compliance and security practices, the CISO will lead a team of security practitioners in areas such as incident management, application security, vulnerability management, and auditing. The role also involves conducting audits of business partners to ensure compliance with relevant laws and mandates, as well as maintaining a corporate-wide privacy and security training program. The CISO will actively monitor the regulatory landscape for changes that may impact the organization's security and privacy obligations, ensuring that the company remains proactive in its approach to information security.

Responsibilities

  • Develop and maintain a consolidated privacy and security program that integrates requirements across various compliance mandates, including PCI DSS, HIPAA, HITRUST and various privacy laws, including GDPR and CCPA.
  • Actively manage the implementation of and validate adherence to security practices across the organization to comply with the various privacy laws and compliance mandates.
  • Support and lead a team of security practitioners in various practices such as incident management, application security, vulnerability management, and auditing.
  • Resolve allegations of non-compliance with the corporate policies or notice of information practices.
  • Govern security-specific metrics that demonstrate the performance of the security program including reduction in program cost, reduction in security incidents, and positive independent security assessment outcomes.
  • Report on a periodic basis to the CTO or committee regarding the status of the security and privacy program.
  • Mature the Privacy and Security program to better support the organization's core business strategy as an enabler for driving business development initiatives.
  • Provide strategic guidance to corporate officers regarding risk to information resources and technology.
  • Provide leadership in the planning, design and evaluation of privacy and security related projects.
  • Conduct audits of business partners to achieve independent validation of compliance with PCI DSS, HIPAA and other privacy laws and compliance mandates for the company's technology and security program.
  • Maintain and mature a corporate-wide privacy and security training program.
  • Oversee appropriate sanctions for failure to comply with the corporate privacy policies and procedures.
  • Actively monitor the regulatory and legislative landscape for changes in requirements to protect the security and privacy of regulated data.

Requirements

  • Eight (8) years of progressive experience in Information Security or a related field
  • Three (3) years' experience in a supervisory or senior level (plan, organize, and direct the work of a technical staff)
  • Four (4) years' experience in technical program management
  • Cyber-Security Certifications (CISSP, CISM, CISA, etc.)
  • Active proficiency in networking and communications protocols (TCP, HTTP, FTP, DNS, etc.)
  • Security architecture knowledge: firewalls, trust-boundaries, encryption, segmentation strategies, Cloud services, etc.
  • Internet security expertise, including transport security and web application security
  • Incident response and management experience (SIEM, IDS, forensic techniques, etc.)
  • Security auditing skills (vulnerability and penetration testing)
  • Identity and access management experience
  • Business resilience planning knowledge
  • Data privacy understanding, including GDPR, CCPA, etc.
  • Compliance management experience, including service provider management, PCI DSS and HIPAA compliance auditing

Benefits

  • $500 referral bonus