About the job
The Chief Information Security Officer is responsible for the cybersecurity of the organization's information and data. Together with the Board of Directors, they ensure privileged information is not compromised due to internal or external breaches.
As the CISO and process owner of all activities related to the availability, integrity and confidentiality of customer, business partner, employee, and business information, the CISO will ensure that the organization is in compliance with its information security policies. A key element of the CISO's role is working with senior management to determine acceptable levels of risk for the organization. This position is responsible for establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected. The CISO should have a comprehensive knowledge of possible IT security risks and mitigate them. Ultimately, the CISO should prepare the organization for potential cyber-attacks, and its response.
The CISO reports directly to the Chief Executive Officer. The CISO must directly communicate to the Chief Executive Officer and the Board of Directors about potential information security risks to the organization, mitigation plans for potential risks, and create greater security awareness among all employees within the organization.
- Develop, implement, and monitor a strategic and comprehensive enterprise information security and IT risk management program.
- Work directly with the business units to facilitate risk assessment and risk management processes.
- Develop and enhance an information security management framework.
- Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems, and services.
- Partner with business stakeholders across the organization to raise awareness of risk management concerns.
- Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems.
- Proven experience managing security and standards compliance in a blockchain and cryptocurrency environment, preferably with cryptographic key management skills.
- Minimum of 8 to 12 years of experience in a combination of risk management, information security and IT jobs.
- Master’s degree in business administration or a technology-related field required.
- Professional security management certification.
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, NIST, and FFIEC.
- Excellent written and verbal communication skills and high level of personal integrity.
- Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams.
- Experience with third-party vendor negotiations and contracting as well as managing vendor services.
- Experience with Cloud computing/Elastic computing across virtualized environments.
- Authorized to work in the United States. This position is located in the United States.