Chief Information Security Officer (CISO)

Apply fast, check the full description by scrolling below to find out the full requirements for this role.Reports to: PresidentLocation: Maryland (Hybrid remote)Position Summary:The Chief Information Security Officer (CISO) is responsible for establishing and maintaining RKCS's enterprise-wide information security program to ensure that all information assets are adequately protected. The CISO will be responsible for identifying, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements and aligns with and supports the risk posture of the organization.Key Responsibilities:Security Strategy Development & Implementation: Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure the integrity, confidentiality, and availability of information assets.Risk Management: Perform regular security assessments, audits, and relevant risk assessments, communicating results to executive management and board members.Policy Development: Develop and implement information security policies, standards, guidelines, and procedures.Incident Management: Lead the incident response team in effectively mitigating security incidents, including data breaches and cyber-attacks, and collaborate with the legal department for any necessary follow-up.Compliance & Audit: Ensure that the company is in compliance with all relevant legal and regulatory requirements, including data protection laws and cybersecurity standards like ISO 27001, GDPR, and any industry-specific guidelines.Employee Training and Awareness: Develop and manage a security awareness and training program for all employees.Vendor Management: Ensure that security is integrated into the third-party vendor risk management process.Budget Management: Responsible for information security budget and allocations, ensuring cost-effective resource use.Technology Evaluation: Evaluate new cybersecurity threats and IT trends and adapt current processes and technologies to mitigate risks to the organization.Reporting: Regularly update the executive team and the board of directors on the status of information security, risks, and projects.Qualifications:Bachelor's degree in computer science, Information Technology, or a related field, Master's preferred.Minimum of 10 years of experience in a combination of risk management, information security, and IT roles.At least 5 years of experience in a senior leadership role.Relevant certifications such as CISSP, CISM, CISA, etc.Strong understanding of firewall and intrusion detection/prevention technologies.Experience with contract and vendor negotiations.Excellent written and verbal communication skills.Key Competencies:Strong leadership skillsExcellent communication and organizational skillsAnalytical thinking and problem-solving capabilitiesAbility to manage multiple prioritiesAdaptability and stress toleranceInterested candidates should submit their application, including a cover letter and resume, to careers@.BENEFITS4 Health Insurance OptionsGAP Insurance OptionsDental PlanLife Insurance OptionsLong-term DisabilityShort-term DisabilityLegal OptionHSA OptionPTO401k PlanPension Plan#J-18808-Ljbffr

Created: 2025-01-01