Information Security Officer

Job Description:

CBE Companies, a global provider of contact center services, has an immediate need for a Information Security Officer and we would LOVE to connect with you about this exciting career opportunity! As a result of exceptional performance and growth in our industry, we are looking for the “Best-of-the-Best” to join our winning team and support both recent and future growth! Why would CBE be a good fit for you?

With over 1200 employees currently, CBE has been providing quality jobs throughout the US for 90 years—and we’re still going strong because we offer employees:

• Excellent benefits package; medical, dental, and vision coverages, 401K retirement plan with company match, tuition reimbursement, paid time off, amongst many other perks!

• Ongoing training & support!

• Career culture with many opportunities for advancement!

Come work for Training magazine Top 100 award winner! Also recently recognized for the second year in a row as a Top Workplace in the USA, CBE is committed to “doing the right thing”; we invest in you from the date of hire and throughout your career, allowing CBE to develop a successful workforce ready to solve problems for our clients. We pride ourselves on a diverse and inclusive corporate culture with a strong track record of success—and we’re looking for people who value opportunity, challenge, innovation, results, and FUN!

Invest in your future with a company that will invest in YOU!

The Information Security Officer is responsible for executing the cybersecurity strategy across the Call Center operations in the United States and the Philippines. This role is integral to safeguarding client data, ensuring compliance with industry standards, and maintaining the overall security posture of the organization. The individual will report directly to the Chief Risk Officer (CRO) and will be responsible for integrating with the Information Security team, driving security initiatives, and ensuring the implementation of cybersecurity best practices across the business.

Job Details:

• Hybrid/Remote opportunity!

• Cybersecurity Strategy Development: Develop and implement a comprehensive cybersecurity strategy that aligns with the company’s business goals, operational needs, and regulatory requirements. This includes identifying potential threats, risks, and vulnerabilities, and setting priorities for addressing them.

• Risk Assessment and Mitigation: Conduct regular security risk assessments to evaluate the effectiveness of current security practices and identify potential areas for improvement. Develop and implement mitigation strategies to address identified risks.

• Incident Response Management: Lead and manage the organization’s incident response efforts for cybersecurity events. This includes coordinating the response, performing root cause analysis, containment, recovery, and post-incident reporting. Ensure the development and maintenance of an incident response plan that can be activated during critical events.

• Security Audits and Compliance: Oversee periodic audits of IT systems, vendor relationships, and business processes to ensure compliance with established cybersecurity frameworks and regulatory requirements, including ISO 27001, SOC 2, HIPAA, PCI-DSS, GDPR, and other relevant privacy laws. Ensure that security controls meet or exceed these standards.

• Collaboration Across Functions: Work closely with cross-functional teams, including IT, Legal, Compliance, Enterprise Risk, HR, and Operations, to integrate cybersecurity best practices and security-conscious decision-making across all areas of the business. Act as a trusted advisor in guiding teams to maintain a robust security posture.

• Security Tools and Technology Evaluation: Evaluate, recommend, and implement security tools, platforms, and service providers to enhance the organization’s cybersecurity infrastructure. Stay current with industry trends and developments in cybersecurity technologies.

• Proactive Threat Defense: Monitor threat intelligence feeds and leverage them to lead proactive defenses against emerging vulnerabilities and attacks. This includes identifying patterns and trends in cyber threats and leading efforts to strengthen the organization’s defenses against these threats.

• Client Security Engagement: Provide support for client security assessments and participate in security discussions during RFP processes, client meetings, and audits. Be a resource for clients on their security needs and concerns, providing guidance and advice on best practices and security solutions.

• Security Awareness and Training: Develop and implement security awareness programs for employees to ensure they understand their role in maintaining the organization’s security posture. Provide regular training to staff on recognizing potential security risks, such as phishing, and on proper data handling practices.

• Reporting and Communication: Regularly report on security efforts, incidents, and trends to senior management and the Chief Risk Officer (CRO). Present complex security issues in a clear and concise manner to non-technical stakeholders, including leadership, clients, and regulatory bodies.

• Team Integration: Integrate with and be a thought leader to the Information Security (InfoSec) team, providing guidance, mentorship, and oversight. Ensure, by coordinating with the CRO, the team has the resources, training, and support needed to execute the organization’s cybersecurity strategy effectively. Support a collaborative, results-oriented team culture focused on continuous improvement.

• The Company reserves the right to change or assign other duties to this position as appropriate.

Job Requirements:

• 10+ years of experience in cybersecurity, with at least 3 years in a senior advisory or leadership role.

• Experience in Call Center, contact center, or outsourcing environments.

• Must be able to obtain government clearance after hire. US Citizenship is required by the US government in order to obtain government clearance. 

• Proven expertise in risk management, data protection, incident response, and regulatory compliance.

• Strong understanding of global security frameworks and privacy regulations (e.g., NIST, ISO 27001, PCI-DSS, HITECH, GLBA).

• Hands-on knowledge of current cybersecurity tools and methodologies.

• Strong communication and presentation skills with the ability to interface with senior leadership, clients, and regulators.

• Industry certification(s) required (e.g., CISSP, CISM, CRISC, ISO 27001)

• Ability to obtain federal security clearance as needed.

• Experience working with distributed teams.

• Prior involvement in client-facing security discussions and RFP support.

• Ability to influence without direct authority and build trust across departments.

• Comfortable working in fast-paced, high-growth environments.

The starting pay range for this position is $113,000 - $120,000/year. An individual's actual compensation will depend on the individual's qualifications and experience.

CBE Companies is an Equal Opportunity/Affirmative Action Employer. CBE Companies is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex (including pregnancy), sexual orientation, national origin, gender (including gender identity and transgender status), genetic information, disability, veteran status or other protected statuses in accordance with applicable federal, state, and local laws. 

Background check and drug testing required.

#CF2

CBE Companies is an equal opportunity employer. We celebrate inclusion and are committed to creating a welcoming environment for all employees.