Chief Information Security Officer

Hybrid - Burlington, United States


It's fun to work in a company where people truly BELIEVE in what they're doing!

We're committed to bringing passion and customer focus to the business.

Chief Information Security Officer (CISO) based in US – Remote Setup

Avid Technology is seeking a Chief Information Security Officer to drive maturity in establishing and maintaining the enterprise information security vision, strategy, and program to ensure information assets and technologies are adequately protected based on acceptable business risk. This role will build and lead a strong team to identify, develop, implement, and maintain processes across the organization to reduce IT and corporate data loss risks. The Chief Information Security Officer will establish appropriate information standards and controls, manage security technologies, direct the development and implementation of policies and procedures, lead the response to cyber incidents, and communicate effectively to executive leadership. The successful candidate must have an expert understanding of the global cyber risk landscape and lead their team with the purpose of minimizing or neutralizing any cyber threat to the organization. Additionally, this role will oversee the management of IT infrastructure (including cloud) to ensure it aligns with the organization's security and operational goals.

KEY RESPONSIBILITIES

  • Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program.

  • Build a high performing team of in-house talent and service providers to enable effective Security Operations Center, SIEM, Vulnerability Management and Incident Response playbooks.

  • Develop and enhance an information security management framework (ISO, NIST or equivalent).

  • Work directly with the business units to facilitate risk assessment and risk management processes.

  • Develop and manage the information security risk register and report the current risks and plans to mitigate to executive leadership, Audit Committee, Board and/or Enterprise Risk Committee and business stakeholders.

  • Develop and execute semiannual security awareness training and tabletop exercises, and foster a security-first culture across the company.

  • Lead the Information Security due diligence questionnaire (DDQ) process, ensuring all client requests are fulfilled in a timely manner.

  • Partner with the General Counsel and Legal teams to uphold compliance with data privacy regulations including GDPR, CCPA, etc.

  • Develop and manage KPIs for IT and Information Security (including the following), report quarterly to executive leadership and demonstrate improved progress.

    • Mean Time to Detect

    • Mean Time to Respond

    • Mean Time to Resolve

    • Vulnerability Patch Rate/%

    • Risk Assessment Score

    • Number of Compliance Violations

    • Phishing click rate

    • Security Awareness Training completion rate

    • Security Spend per FTE

  • Develop and test IT Disaster Recovery and Business Continuity plans.

  • Interact with related disciplines and lead governance committees to ensure the consistent application of policies and standards across all technology projects, systems, and services.

  • Provide leadership to the enterprise’s information security organization.

  • Evaluate third party vendors for cybersecurity and risk management.

  • Build and foster a “zero trust” architecture and culture for identity management across the firm.

  • Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems.

  • Oversee the management and maintenance of IT infrastructure, ensuring it supports the organization's security and operational requirements.

  • Collaborate with IT operations to ensure infrastructure components are secure and resilient.

QUALIFICATIONS

  • Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field. Master’s degree preferred.

  • Professional security management certification, such as CISSP, CISM, or CISA.

  • Minimum of 10 years of experience in a combination of risk management, information security, and IT leadership roles.

  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST.

  • Proven success implementing and managing security solutions such as CrowdStrike, Axonius, Cloudflare, Wiz, Mimecast.

  • Experience with implementing and managing data classification solutions, such as BigID, to reduce data loss risk.

  • Business acumen and understanding of how various functions operate and ability to identify and implement solutions that will reduce information security risk while maintaining enterprise productivity.

  • Expert knowledge of cloud security, including AWS and MSFT Azure / Entra.

  • Understanding of effective development security practices including CI/CD security and automated code threat detection.

  • Experience with AI threat detection, risk assessment and security governance tools is required.

  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.

  • Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment.

  • Experience with breach response planning, post incident reviews, including partnering with third party forensic firms and law enforcement as needed.

  • Ability to influence change outside the position’s direct span of control.

  • Proven success in delivering projects on time and within scope.

  • Experience in managing and ensuring best in class configuration of IT infrastructure, including networks, servers, and cloud services.

  • Proven experience in building and leading high performing IT and Information Security teams.

What to look forward to? 

  • Join a global team and experience a dynamic, collaborative work environment that fosters innovation and growth.

  • Hybrid work model offering flexibility to balance work and life.

  • Access to development programs with strong support and mentoring to help you grow and advance within the company.

  • Equal opportunity employer committed to diversity, inclusivity, and creating a welcoming environment for all employees.

  • Attractive benefits package including health & life insurance, referral rewards, and generous leave policies to ensure a healthy work-life balance.

Think this role is a good fit for you? Apply now!

ABOUT AVID
Avid Technology is a leading provider of software and hardware solutions for the media and entertainment industry. Our products are trusted by some of the world’s most iconic creators, studios, and broadcasters. We empower creative professionals with the tools they need to produce and distribute high-quality content. By driving the future of media production, Avid continues to shape the way stories are told and experienced globally.

To learn how Avid powers greater creators or for more information, visit www.avid.com.

US Pay Transparency Range $225,000.00 - $235,300.00

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!


Tags: AWS Azure CCPA CI/CD CISA CISM CISO CISSP Cloud Cloudflare Compliance Computer Science CrowdStrike GDPR Governance Incident response IT infrastructure KPIs NIST Privacy Risk assessment Risk management SIEM SOC Strategy Threat detection Vulnerability management Zero Trust

Perks/benefits: Career development Health care Startup environment

Region: North America
Country: United States
