Chief Information Security Officer (CISO)
Location: Wall Township, NJ (Hybrid)
Employment Type: Full-Time
Security Requirement: U.S. Person Required | Public Trust Eligible
About the Opportunity
JFR Staffing is partnering with a rapidly growing SaaS technology company seeking a Chief Information Security Officer (CISO) to lead enterprise security, compliance, governance, and risk management initiatives.
This is a hands-on executive leadership role responsible for developing and executing the organization's security strategy while overseeing day-to-day security operations, regulatory compliance programs, and risk management activities. The ideal candidate is equally comfortable presenting to executive leadership and participating directly in security program execution.
Position Summary
The CISO will serve as the senior security leader responsible for the organization's security posture across cloud-based SaaS environments supporting highly regulated customers. This role will oversee information security governance, compliance frameworks, vulnerability management, incident response, third-party risk management, and audit readiness.
Initially operating in a player-coach capacity, the successful candidate will help scale the security function while maintaining ownership of key operational security responsibilities.
Executive Leadership Responsibilities
Security Strategy & Governance
- Develop and execute a multi-year information security strategy aligned with organizational growth objectives.
- Establish and maintain enterprise security policies, standards, and governance frameworks.
- Drive continuous improvement of security maturity and risk management capabilities.
Executive Reporting & Risk Management
- Present security metrics, risk assessments, compliance status, and strategic initiatives to executive leadership.
- Maintain enterprise risk registers and ensure appropriate escalation of critical business risks.
- Support cyber insurance reviews, renewals, and risk assessments.
Customer & Regulatory Assurance
- Serve as the executive point of contact for customer security reviews, audits, and compliance inquiries.
- Support responses to security questionnaires, RFPs, and customer due diligence requests.
- Represent the organization during external compliance and certification audits.
Security Program Leadership
- Build, mentor, and scale the information security function.
- Establish security hiring plans, staffing models, and operational processes.
- Collaborate with IT, Engineering, Product, and Operations teams to integrate security throughout the organization.
Incident Management
- Lead executive response efforts for significant security incidents.
- Coordinate communications with leadership, legal counsel, customers, and external stakeholders as required.
- Conduct post-incident reviews and drive corrective action plans.
Vendor & Third-Party Risk
- Lead security assessments of vendors, partners, and strategic service providers.
- Establish and maintain third-party risk management processes.
Operational Security Responsibilities
- Maintain security documentation, policies, standards, and compliance artifacts.
- Oversee continuous monitoring activities and vulnerability management programs.
- Manage remediation efforts and track security findings through resolution.
- Lead annual audit activities and evidence collection efforts.
- Conduct periodic access reviews across cloud and enterprise systems.
- Maintain incident response plans and coordinate tabletop exercises.
- Oversee penetration testing activities and remediation programs.
- Manage endpoint security, vulnerability management, and related security tooling.
- Ensure compliance with internal security controls and regulatory requirements.
Required Qualifications
- 10+ years of progressive information security experience.
- 3+ years in a security leadership role such as CISO, Director of Information Security, Security Manager, or equivalent.
- Experience supporting highly regulated environments and compliance-driven organizations.
- Deep knowledge of information security frameworks including NIST, SOC 2, ISO 27001, and related standards.
- Strong cloud security experience within AWS and Microsoft environments.
- Experience managing vulnerability management, incident response, governance, risk, and compliance programs.
- Ability to operate effectively as both a strategic leader and hands-on contributor.
- Exceptional executive communication and stakeholder management skills.
Preferred Qualifications
- CISSP, CISM, CCISO, CISA, CRISC, CCSP, or related certifications.
- Experience leading security programs within SaaS or cloud-based technology organizations.
- Prior experience managing regulatory audits and compliance initiatives.
- Familiarity with modern security platforms, endpoint protection, SIEM, vulnerability management, and governance tools.
- Experience building and scaling security teams.
- Background supporting government, public sector, critical infrastructure, telecommunications, or highly regulated industries.
Success Metrics
First 90 Days
- Establish ownership of security governance, compliance activities, and risk management processes.
- Assess current security posture and identify key improvement opportunities.
- Implement a sustainable audit and evidence management process.
Within 6 Months
- Successfully support major audit and compliance initiatives.
- Mature vulnerability management and risk remediation programs.
- Strengthen executive reporting and security governance processes.
Within 12 Months
- Deliver an approved security roadmap aligned with business objectives.
- Expand security capabilities and team structure as appropriate.
- Demonstrate measurable improvements in risk reduction, compliance readiness, and security operations.
Benefits
- Health Insurance
- Paid Time Off
- Career Growth Opportunities
- Collaborative Leadership Environment
- Hybrid Work Schedule
Work Location
Wall Township, NJ (Hybrid)