Chief Information Security Officer (CISO) - 4 LOCS

at  NavitsPartners

POSITION OVERVIEW:

We are seeking an experienced and strategic-minded Chief Information Security Officer (CISO) to lead our organization’s information security program. The CISO will be responsible for establishing and maintaining a comprehensive cybersecurity strategy to protect our organization’s information assets and infrastructure. The successful candidate will possess strong leadership, technical expertise, and a deep understanding of cybersecurity best practices and compliance requirements.

REQUIREMENTS:

• Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field. Master’s degree preferred.
• years of experience in cybersecurity, with at least [X] years in a senior leadership role.
• Strong leadership and management skills, with the ability to inspire and motivate teams to achieve security goals.
• Deep understanding of cybersecurity principles, practices, and technologies.
• Experience with cybersecurity risk management, including risk assessment and mitigation strategies.
• Knowledge of regulatory and compliance requirements relevant to the organization’s industry.
• Excellent communication and interpersonal skills, with the ability to communicate complex technical concepts to non-technical stakeholders.
• Strong analytical and problem-solving skills, with the ability to think strategically and drive results.
• Relevant certifications such as CISSP, CISM, or CISA are highly desirable.

PREFERRED QUALIFICATIONS:

• Experience in the industry or domain relevant to the organization’s business.
• Experience with cloud security technologies and platforms (e.g., AWS, Azure).
• Experience with incident response planning and management.
• Experience with security operations center (SOC) management and operations.
• Experience with regulatory compliance audits and assessments.

• Develop and implement the organization’s information security strategy, policies, and procedures.
• Lead and manage the information security team to ensure effective execution of security initiatives and programs.
• Establish and maintain a risk-based approach to cybersecurity, including risk assessment, mitigation, and monitoring.
• Identify and assess cybersecurity threats and vulnerabilities, and develop strategies to mitigate risks.
• Ensure compliance with applicable laws, regulations, and industry standards related to information security (e.g., GDPR, HIPAA, PCI DSS).
• Oversee the design, implementation, and maintenance of security controls, including access controls, encryption, and identity management.
• Monitor and analyze security incidents and breaches, and coordinate response and recovery efforts as needed.
• Conduct regular security audits, assessments, and penetration testing to identify weaknesses and areas for improvement.
• Provide guidance and recommendations to executive leadership on cybersecurity matters, including budgeting and resource allocation.
• Develop and deliver security awareness training and education programs for employees.
• Stay current with emerging threats, technologies, and best practices in cybersecurity.