Use your skills where innovative technology solutions begin. Eclaro is looking for a CISO for our client in New York, NY.
Eclaro’s client is a leading technology solutions provider, collaborating with customers to manage their needs and achieve success in their business goals. If you’re up to the challenge, then take a chance at this rewarding opportunity!
- The Chief Information Security Officer (CISO) is responsible for security strategy, security program oversight and security architecture development and implementation for the organization. The role covers all security technologies and services, physical and logical access control, and user profile management. The CISO also has responsibility for all data/information security policies, standards, evaluations, roles, and organizational awareness.
- The CISO is responsible for managing data and information risks related to product development, technology solutions, crisis management, data privacy and regulatory compliance. The role also directs the adoption and implementation of policies and procedures, manages cyber threat analysis activities and guides the development of the information security technical architecture and security standards, controls, procedures and guidelines for the computer platforms, applications and networks including utilization of cloud technologies.
- Work with Functional Areas to implement practices that meet defined policies and standards for information security.
- Coordinate information security and risk management projects with technology and operations groups as well as business teams.
- Provide strategic and tactical security guidance for all IT projects, including the evaluation and recommendation of technical controls.
- Direct the preparation activities to support SOC-2, customer and other audits.
- Develop, manage and improve a comprehensive information security risk-based program to ensure the integrity, confidentiality and availability of information assets.
- Develop an IT security architecture roadmap that will identify security controls and identify and assess current and new technologies that will enforce the organization's security priorities.
- Develop, maintain, and promote information security policies, standards and guidelines.
- Ensure that controls comply with contractual obligations, corporate policies, and legal and regulatory requirements.
- Create and manage information security and risk management awareness training programs for all employees, contractors and approved system users.
- Define and facilitate the information security risk assessment process and work effectively with technology group in implementation of security measures.
- Provide strategic risk guidance and consultation for corporate IT projects, including the evaluation and recommendation of technical standards and controls.
- Establish and implement a process for incident management to effectively identify, respond, contain and communicate a suspected or confirmed incident.
- Identify, assess, and prioritize IT risks to data and systems, including external threats, cyber-crimes, internal threats and third-party risks. Advise relevant stakeholders on the appropriate courses of action to mitigate or eliminate risk.
- Coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a security or disaster event.
- Bachelor's degree in Information Security, Computer Science, Management of Information Systems, or related field required. Masters preferred.
- Minimum of 10 years of experience in a combination of risk management, information security and information technology fields. At least 4 years of experience in a senior leadership role. Employment history must demonstrate increasing levels of responsibility.
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
- Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment.
- Poise and ability to act calmly and competently in high-pressure, high-stress situations.
- Knowledge and demonstrated experience of relevant legal and regulatory requirements, such as SOC-2.
- Knowledge of common information security management frameworks, such as NIST.
- Experience in dealing with internal / external auditors and senior company management.
- Strong process discipline in a continuous improvement environment.
- Demonstrated capabilities in leadership, innovation, problem solving, influencing, organizing and relationship building.
If hired, you will enjoy the following Eclaro Benefits:
- 401k Retirement Savings Plan administered by Merrill Lynch
- Commuter Check Pretax Commuter Benefits
- Eligibility to purchase Medical, Dental & Vision Insurance through Eclaro
Interested in applying? Contact Jeanine Hastings at 646-755-9303, or email firstname.lastname@example.org to discuss and apply for this position.
Equal Opportunity Employer: Eclaro values diversity and does not discriminate based on Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.