Chief Information Security Officer

The Chief Information Security Officer, reporting to Chief Information Officer, is responsible for overseeing the planning, execution and management of cybersecurity and IT risk management programs. You'll drive improvements to the security program, lead auditing, drive security awareness across the organization, and partner with external security partners. You'll serve as an internal advisor on security and technology opportunities, manage both internal and external cybersecurity risk, and provide security awareness. You'll collaborate with business leaders to ensure proper security measures are implemented to protect the success of the business.

RESPONSIBILITIES:

• Promote continuous improvements in IT Compliance to ensure all compliance (SOX,) and quality controls policies are achieved
• Evaluate the current landscape of security and business risks, assess critical needs, and define a comprehensive cyber strategy
• Manage cybersecurity areas including incident response, patch management, vulnerability management, identity and access management, end point security, application security, cloud security, security awareness, business resilience, monitoring, remediation, threat intelligence, and information governance
• Identify automation opportunities to increase productivity and efficiency
• Deliver presentations to the executive leadership team and Board of Directors on a quarterly basis
• Strengthen partner relationships with senior executives to create an environment to understand business security needs, promote cyber awareness and adoption, and build on changes in the cybersecurity threat landscape
• Oversee a comprehensive risk management program with prioritization of risk and tracking of remediation efforts
• Develop appropriate policies, procedures and guidelines to support a comprehensive cybersecurity strategy
• Collaborate with other IT teams to identify the architecture and processes required to support ongoing digital developments and operations

Requirements

• Teamwork - balances team and individual responsibilities; gives and welcomes feedback; contributes to building a positive team spirit
• Bachelor's degree, or equivalent experience, with a Certified Information Systems Security Professional certification
• Experience navigating complex relationships, frame complex issues, create important partnerships, influence, and develop solutions which result in mutually beneficial outcomes and align strategy decisions with business priorities
• Proven large-scale crisis and incident response management and leading large project and program lifecycles
• Organizational Support - follows policies and procedures; completes administrative tasks correctly and on time; supports organization's goals and values
• Quality - demonstrates accuracy and thoroughness
• Technical experience developing cybersecurity posture and implement the strategy with a clear vision of the evolving needs and latest trends within cybersecurity, cloud, AI, platforms, security automation, etc
• Ethics – treats people with respect; keeps commitments; works with integrity and ethically
• Service-Oriented mindset - responds timely to users’ requests for service and assistance; meets commitments
• Success developing and leading teams and serving as a catalyst for growth and change
• Adaptability - adapts to changes in the work environment; able to deal with frequent change, delays or unexpected events
• Experience assessing threat and vulnerability with a business and a technical perspective to shape affordable, efficient, and time-sensitive security architectures and solutions
• Solid people and communication skills – focuses on solving conflict; maintains confidentiality
• Professionalism - approaches others in a tactful manner; treats others with respect and consideration regardless of their status or position; accepts responsibility for own actions
• Planning/Organizing – prioritizes and plans work activities; uses time efficiently; able to work independently
• Experience across security technologies (such as intrusion detection and prevention, proxy filtering, advance malware protection, and threat intelligence), data integrity, technology architectures, and cloud technology stacks
• 10+ years of relevant information security experience
• Strong problem solving and critical thinking skills - identifies and resolves problems in a timely and methodical manner; gathers and analyzes information thoroughly
• An inventive and experimental approach to solving problems and finding solutions
• Attendance/Punctuality - consistently at work and on time; ensures work responsibilities are covered when absent; arrives at meetings and appointments on time

Benefits

• Unlimited access to workout facilities within the building
• Paid vacation time
• Flexible telecommuting schedule (currently WFH on Monday and Friday)
• Casual dress code
• 401k match 100% up to 7% of annual base salary
• Health Advocate to assist navigating your medical, dental, and vision insurance
• 40 hours paid sick time annually
• Premiums for health, dental, and vision insurance for employee and children are 100% paid for by Aethon and premiums for spouse are 75% covered
• Wellness program with earned incentives for completed activities
• 9 paid holidays annually

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Employees must be willing and able to perform other duties as assigned. Duties, responsibilities, and activities may change at any time with or without notice.

Unfortunately, due to the high volume of applications, we are unable to acknowledge every applicant.

Aethon does not accept unsolicited resumes from recruiters or employment agencies. In the event a recruiter or agency submits a resume or candidate without a previously signed agreement and approved engagement request, Aethon reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency.

Aethon is an equal opportunity employer. We are committed to the principles of being an equal opportunity employer and to providing our employees with a work environment free of discrimination and harassment. All employment decisions are based on qualifications, merit, and business need.