Chief Information Security Officer
United States
Full Time Executive-level / Director USD 240K - 275K
Business Wire
Explore Business Wire for premium press release & newswire distribution services, offering global reach and tailored solutions for businesses worldwide. Expand your reach today. Organizations, large and small, depend on us to accurately publicize market-moving news and multimedia, and generate social engagements that develop interactions with their target audiences.
About the Role
Business Wire's Chief Information Security Officer (CISO) is responsible for advancing and managing a comprehensive information security practice protecting customers, partners, and company digital assets. At Business Wire, information security is a key consideration in our overall decision process from product ideation through business operations.

We are seeking an experienced, technical, and dynamic CISO to join our team. The ideal candidate will have a proven track record of building and leading a strong InfoSec team, defining and implementing information security strategies, enhancing cloud and data center security, and ensuring compliance with industry standards in a fast-paced environment. The candidate should also be familiar with data, code, and information security best practices, as well as auditing processes.

As the leader of the InfoSec organization, you will work collaboratively with all areas of the business including Engineering, Quality, Architecture, DevSecOps, IT Operations, Program Management, and Business Operations to ensure that we maintain a robust and highly effective information security program for our existing solutions while also supporting the buildout of new client solutions hosted in our data centers and the cloud. You will collaborate with all stakeholders and senior leaders across the company as well as a diverse team of participants throughout the development, deployment, and operational lifecycle. You will lead a strong team of security architects and engineers, help define the strategic direction for our security practice to meet the stringent requirements of our industry and clients, and continue to enforce a security-first culture.
What You'll Do
- Build and lead a world-class InfoSec organization:
  - Mentor and lead a team of security professionals to protect our company's systems and customer data.
  - Enhance overall security strategy and align with the business objectives of the organization. Keep up with emerging threats and new technologies to enhance organizational cyber defense systems. Work with business and technology partners to facilitate risk management and risk management processes to mitigate potential threats to the organization's infrastructure, applications, and data.
  - Develop and conduct security awareness training for employees to promote a security-first culture throughout the organization. Ensure that employees are aware of their security responsibilities and trained to mitigate risks.
  - Improve and implement a security governance framework including controls, standards, policies, and guidelines. Ensure the consistent application of governance across all technology projects, products, systems, and services.
  - Manage the timely creation and dissemination of security-related communications including security awareness and training announcements, security compliance policies and processes, security alerts, and event messaging.
  - Measure the effectiveness of security controls. Define and use metrics to track performance.
  - Ensure that vendors and third-party providers adhere to the same high-security standards as our organization.
  - Balance security needs with user experience and usability.
- Enhance cloud and data center security:
  - Enhance security strategy for our cloud and data center environments, data, code, and applications.
  - Make continuous improvements to our security strategies to protect critical assets and data.
  - Implement security controls and technologies, including AWS services such as IAM, VPC, WAF, and GuardDuty, to monitor and protect the organization's assets.
  - Plan for and respond to security incidents, and establish processes to minimize the impact.
- Ensure timely internal and external audits:
  - Manage a comprehensive Governance Risk Compliance program in support of corporate audits and periodic client assessments.
  - Ensure that our company meets all internal and external audit requirements.
  - Conduct periodic penetration testing and vulnerability assessments.
What You'll Need
- 10+ years of relevant industry experience in an enterprise information security management role for a public-facing internet organization.
- 5+ years in a senior leadership role in security.
- Strong experience building and leading an InfoSec team. You should have experience in hiring and developing security talent, providing coaching, and driving a culture of excellence in security.
- Expertise in cloud security, including AWS and Azure.
- Experience in data encryption, access controls, code reviews, and secure coding practices.
- Familiarity with regulatory compliance such as PCI DSS, SOC 2, and ISO 27001.
- Excellent written and verbal communication skills with external and internal stakeholders including executives. Ability to deliver constructive and encouraging feedback.
- Proactive, organized, analytical, detail-oriented, and persistent.
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
- Certified Information Systems Security Professional (CISSP) or equivalent certification is a plus.

Business Wire will not sponsor a new applicant for employment authorization for this position.

What We Offer
The base salary range for this position is $240K to $275K/year. Offered salary will be determined by several factors, including but not limited to: applicant’s education, experience, knowledge, skills and abilities, as well as internal equity and alignment with geographic market data. Business Wire reserves the right to modify this salary range at any time.

Business Wire’s total rewards include:
- Ability to work remotely 100%
- Excellent health benefits that begin on your first day of employment
- $100 monthly fitness allotment, a tuition reimbursement program, and enhanced mental health resources
- 401(k) plan with generous company match, and annual profit sharing contribution (subject to company performance)
- PTO, Floating Holidays, Wellness Day Off, Birthday Day Off, and more!
Tags: Audits AWS Azure CISO CISSP Cloud Compliance Computer Science Cyber defense DevSecOps Encryption Governance IAM ISO 27001 PCI DSS Pentesting Risk management Security strategy SOC SOC 2 Strategy
Perks/benefits: 401(k) matching Career development Equity Fitness / gym Flex vacation Health care Wellness