We have been retained by an enterprise cybersecurity technology client to help them identify a CISO / Chief Information Security Officer to lead their cybersecurity strategy and be the face of the company to customers.
The Chief Information Security Officer (CISO) position provides leadership and oversight in the strategic planning, execution, and assessment of all company cybersecurity strategies, policies, procedures, and guiding practices to be implemented.
The Chief Information Security Officer will manage and, when necessary, continuously modify a comprehensive information security program to ensure that all information assets are adequately protected against current and future internal and external threats. The security program is based on NIST. The expectation is that this leader will build on the current framework and bring additional value. The position is responsible for identifying, directing, coordinating, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements while enabling the company to develop an anticipatory response to minimize information security risk.
You will lead Corporate Security & Governance, play a key role in leading the product offering, and partner with Business Units to develop secure products. She/he will be responsible for managing programs of large scope, impact, and complexity through all phases of the security lifecycle. The ideal leader needs to bring a Security First culture to everything, while freeing the good and stopping the bad. She/he also needs to bring a culture of enabling the business to achieve its goals, while protecting the company and managing its risk appropriately. The ideal candidate should be able to develop efficient strategies and tactics that make Security ingrained in the processes of the business through appropriate policies and tools, rather than acting as just a governing body. This is a highly visible role across the executive and board leadership, and the leader will report directly to the CEO.
The CISO will lead a team of 30-40 professionals. This leader acts as the key liaison and local point of contact for all information security communications and projects and coordinates the necessary alignment of internal staff and other global information systems areas. The Chief Information Security Officer determines projects and priorities for all information security issues. He/she establishes short and long-term business plans to achieve the security vision defined in the company’s strategic plan.
The CISO will identify vulnerabilities in information systems, network/systems architecture, and network/system design implementations, and work with responsible personnel to close or mitigate the vulnerabilities. He/she will direct the action of the Incident Response Team in the event that a security incident occurs. He/she will work closely with IT leadership to manage capacity, performance, and security within a service level agreement framework to assure the overall effectiveness of all IT services. The Chief Information Security Officer will work closely with IT and business leaders to identify and mitigate risks and establish/maintain strategic alignment of technology initiatives, information security, and business objectives.
The CISO will develop the roadmaps, processes, procedures, and actions to be taken in the event of different IT security breaches. The CISO will not only need to develop these plans but is also expected to communicate them and to educate the Board and internal community on how the IT security organization will manage a security incident if one occurs. The CISO is also expected to communicate effectively and teach the company about what is going on in the world of information security and what employees can do to help the IT Security organization both prevent a security breach and manage through one if it occurs.
The CEO and the Board look to the CISO to work collaboratively with IT, Internal Audit, and professional staff to understand the business to effectively assess the current state of IT security, the risks associated with the current state of security, and plans to address current risk and proactively improve IT security.
Specific Responsibilities Include:
Requirements:
15+ years’ experience in Information Security in enterprise global environments
Held the CISO role / title
Experience with SaaS transformation and pre-IPO scaling challenges
Certification as a Certified Information Systems Security Professional (CISSP), Certified Chief Information Security Officer (CCISO), or Certified Information Security Manager (CISM)
Experience with IT security standards or frameworks such as ISO 270xx, and NIST 800 series
Experience managing team size of 30-40 people
Demonstrated experience managing threat response
Proven experience conceiving and delivering innovative solutions leveraging technology and information
Senior executive presence, comfortable presenting and collaborating with Executive Leaders and Board, as a Business Advisor
CISO will work closely with executive leadership and partner with the CHRO, General Counsel and Data Privacy Officer
Experience and comprehensive knowledge of Information Systems, Financials, Contract Management, ITIL, and business processes
Ability to successfully manage and execute multiple, large scale projects using established project management tools and processes
Excellent written and verbal interpersonal skills including crafting vision and strategy and demonstrated ability to condense data in order to synthesize crisp and easily understandable deliverables
Demonstrated track record of building and maintaining highly collaborative, flexible, and productive cross-organization teams
Ability to seek innovative solutions to obstacles
Ability to lead process improvement
Knowledge of systems implementations, SDLC, change control
Knowledge of information security policies, procedures, and practices
Knowledge of disaster recovery processes
If interested, please apply or contact Johnny Chang directly at jchang at simplexhires.com. This is a confidential search, but we will be happy to discuss further details with qualified candidates.