Chief Information Security Officer

United States

Business Wire

Explore Business Wire for premium press release & newswire distribution services, offering global reach and tailored solutions for businesses worldwide. Expand your reach today.

View company page

Business Wire, a Berkshire Hathaway company, is the global market leader in press release distribution and regulatory disclosure. We are on a mission to redefine how organizations connect with their audiences - and that’s just the beginning!
Organizations, large and small, depend on us to accurately publicize market-moving news and multimedia, and generate social engagements that develop interactions with their target audiences.
About the RoleBusiness Wire's Chief Information Security Officer (CISO) is responsible for advancing and managing a comprehensive information security practice protecting customers, partners, and company digital assets. At Business Wire, information security is a key consideration in our overall decision process from product ideation through business operations. We are seeking an experienced, technical, and dynamic CISO to join our team. The ideal candidate will have a proven track record of building and leading a strong InfoSec team, defining and implementing information security strategies, enhancing cloud and data center security, and ensuring compliance with industry standards in a fast-paced environment.  The candidate should also be familiar with data, code, and information security best practices, as well as auditing processes. As the leader of the InfoSec organization, you will work collaboratively with all areas of the business including Engineering, Quality, Architecture, DevSecOps, IT Operations, Program Management, and Business Operations to ensure that we maintain a robust and highly effective information security program for our existing solutions while also supporting the buildout of new client solutions hosted in our data centers and the cloud. You will collaborate with all stakeholders and senior leaders across the company as well as a diverse team of participants throughout the development, deployment, and operational lifecycle.   You will lead a strong team of security architects and engineers, help define the strategic direction for our security practice to meet the stringent requirements of our industry and clients, and continue to enforce a security-first culture. 
What You'll Do·       Build and lead a world-class InfoSec organization:o   Mentor and lead a team of security professionals to protect our company's systems and customer data. o   Enhance overall security strategy and align with the business objectives of the organization. Keep up with emerging threats and new technologies to enhance organizational cyber defense systems. Work with business and technology partners to facilitate risk management and risk management processes to mitigate potential threats to the organization's infrastructure, applications, and data.o   Develop and conduct security awareness training for employees to promote a security-first culture throughout the organization. Ensure that employees are aware of their security responsibilities and trained to mitigate risks.o   Improve and implement a security governance framework including controls, standards, policies, and guidelines. Ensure the consistent application of governance across all technology projects, products, systems, and services.o   Manage the timely creation and dissemination of security-related communications including security awareness and training announcements, security compliance policies and processes, security alerts, and event messaging. o   Measure the effectiveness of security controls. Define and use metrics to track performance.o   Ensure that vendors and third-party providers adhere to the same high-security standards as our organization.o   Balance security needs with user experience and usability. ·       Enhance cloud and data center security:o   Enhance security strategy for our cloud and data center environments, data, code, and applications.o   Make continuous improvements to our security strategies to protect critical assets and data.o   Implement security controls and technologies, including AWS services such as IAM, VPC, WAF, and GuardDuty, to monitor and protect the organization's assets.o   Plan for and respond to security incidents, and establish processes to minimize the impact.  ·       Ensure timely internal and external audits:o   Manage a comprehensive Governance Risk Compliance program in support of corporate audits and periodic client assessments.o   Ensure that our company meets all internal and external audit requirements.o   Conduct periodic penetration testing and vulnerability assessments.

What You'll Need

  • 10+ years of relevant industry experience in an enterprise information security management role for a public-facing internet organization.
  • 5+ years in a senior leadership role in security.
  • Strong experience building and leading an InfoSec team. You should have experience in hiring and developing security talent, providing coaching, and driving a culture of excellence in security.
  • Expertise in cloud security, including AWS and Azure.
  • Experience in data encryption, access controls, code reviews, and secure coding practices.
  • Familiarity with regulatory compliance such as PCI DSS, SOC 2, and ISO 27001.
  • Excellent written and verbal communication skills with external and internal stakeholders including executives. Ability to deliver constructive and encouraging feedback.
  • Proactive, organized, analytical, detail-oriented, and persistent.
  • Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
  • Certified Information Systems Security Professional (CISSP) or equivalent certification is a plus.
  • Business Wire will not sponsor a new applicant for employment authorization for this position.
    What We OfferThe base salary range for this position is $240K to $275K/year.  Offered salary will be determined by several factors, including but not limited to: applicant’s education, experience, knowledge, skills and abilities, as well as internal equity and alignment with geographic market data.  Business Wire reserves the right to modify this salary range at any time.
    Business Wire’s total rewards include:
  • Ability to work remotely 100%
  • Excellent health benefits that begin on your first day of employment
  • $100 monthly fitness allotment, a tuition reimbursement program, and enhanced mental health resources
  • 401(k) plan with generous company match, and annual profit sharing contribution (subject to company performance)
  • PTO, Floating Holidays, Wellness Day Off, Birthday Day Off, and more!
A pre-employment background check will be required after the acceptance of an offer. Business Wire is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Pursuant to the San Francisco Fair Chance Ordinance and other similar state laws and local ordinances, and its internal policy, Business Wire will also consider for employment qualified applicants with arrest and conviction records.
Apply now Apply later
  • Share this job via
  • or

Tags: Audits AWS Azure CISO CISSP Cloud Compliance Computer Science Cyber defense DevSecOps Encryption Governance IAM ISO 27001 PCI DSS Pentesting Risk management Security strategy SOC SOC 2 Strategy

Perks/benefits: 401(k) matching Career development Equity Fitness / gym Flex vacation Health care Wellness

Region: North America
Country: United States
Job stats:  11  5  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.