Senior Cybersecurity Information Security Officer

A Senior Cybersecurity Information Security Officer is needed for a remote position with occasional travel. The role involves developing, implementing, and managing enterprise-wide security strategies to protect data, systems, and networks. Responsibilities include overseeing security operations, risk management, threat intelligence, and incident response, while ensuring compliance with industry standards and regulations. This position requires at least 5 years of experience in cybersecurity and information security management, with hands-on experience in developing and enforcing security strategies and policies.

Qualifications and Education Requirements:

• Bachelor’s degree in Computer Science, Information Technology, or a related field.
• Relevant certifications (e.g., CISSP, CISM, CEH) are highly desirable.
• 8+ years of IT experience, including at least 5 years in cybersecurity and information security management.
• Strong knowledge of security frameworks and standards (ISO 27001, NIST, GDPR).
• Proven experience in risk management and incident response, with hands-on experience in security technologies (e.g., firewalls, IDS/IPS, SIEM).
• Leadership and communication skills, with the ability to collaborate with cross-functional teams and advise senior management.
• Problem-solving skills and the ability to develop effective security strategies.

Role and Responsibilities:

• Security Strategy and Planning: Develop and implement comprehensive security strategies, policies, and procedures. Ensure alignment with business objectives and compliance standards. Develop a system security plan (SSP) and create ATO package for approval.
• Risk Management: Identify, assess, and manage security risks, and execute mitigation plans to address emerging threats and vulnerabilities.
• Incident Response: Lead the team in responding to security incidents, conducting post-incident analysis, and developing strategies to prevent future breaches.
• Compliance: Ensure compliance with security standards (ISO 27001, NIST, GDPR) through regular audits and assessments.
• Training and Awareness: Develop and deliver security training programs to enhance employee awareness of security best practices.
• Collaboration: Coordinate with IT, legal, and other departments to ensure cohesive security efforts. Advise senior management on security matters.
• Monitoring and Reporting: Manage security monitoring tools, track security incidents, and regularly report the organization’s security posture to leadership.