Chief Information Security And Privacy Officer Jobs

Director, Chief Information Security Officer (CISO) Direct Hire | Remote

Director, Chief Information Security Officer, | Requirements

Director, Chief Information Security Officer, CISO | Background and Scope

Demonstrated experience in incident response, risk management, and security governance.

Strong knowledge of relevant regulations, compliance requirements, and industry standards.

Ensure compliance with relevant industry standards, regulations, and legal requirements (e.g., GDPR, HIPAA, PCI DSS).

Assess the security posture of third-party vendors and partners and ensure compliance with security requirements.

Industry-recognized certifications such as CISSP, CISM, CISA, or equivalent.

Excellent communication and interpersonal skills to collaborate effectively with cross-functional teams.

Excellent organizational, analytical, problem solving, presentation, project management, written and oral communication skills

Lead negotiations in disputes and/or regulatory matters specific to privacy and information management that have a significant impact on the company.

Manage privacy and information management related legal matters handled by outside counsel.

Bachelor’s degree or equivalent experience required, and 10+ years relevant experience; JD preferred; IAPP privacy credentials a plus

Expert knowledge of global, federal and/or state laws governing data privacy

Strong leadership and interpersonal skills

Oversee a comprehensive risk management program with prioritization of risk and tracking of remediation efforts

Bachelor's degree, or equivalent experience, with a Certified Information Systems Security Professional certification

Proven large-scale crisis and incident response management and leading large project and program lifecycles

10+ years of relevant information security experience

Solid people and communication skills – focuses on solving conflict; maintains confidentiality

Teamwork - balances team and individual responsibilities; gives and welcomes feedback; contributes to building a positive team spirit

Past experience implementing cyber security in Network, End Point protection, Cloud security, AD/ Access Management highly required

Demonstrated broad management knowledge to lead project teams in one department

Demonstrated experience and success in leadership roles in risk management, information security, and information technology security

Sound knowledge of business management and a working knowledge of information security risk management and cybersecurity technologies

Project management skills including financial/budget management, scheduling and resource management

Develops and enhances an up-to-date information security management framework

Minimum of 12 years of experience in information security, with at least 6 years in a leadership or managerial role.

Strong understanding of network security, encryption, identity and access management, and vulnerability management.

Identify potential security vulnerabilities and threats, conducting risk assessments and implementing appropriate controls and countermeasures.

Ensure compliance with relevant regulatory requirements, such as GLBA, PCI DSS, and other industry standards applicable to the banking sector.

Professional certifications such as CISSP, CISM, or CISA strongly preferred.

In-depth knowledge of information security frameworks, standards, and regulations.

Track the latest IT security innovations, cybersecurity technologies, trends, threats, and regulatory requirements to ensure proactive and effective risk management

Prior experience in a Managed Service Provider or IT Consulting environment preferred

Experience implementing controls related to data privacy standards such as GDPR and CCPA

Experience in financial services and/or biotech/life sciences industries is strongly preferred

First-hand experience with 3rd party audits such as SOX, SOC 2, ISO, or PCI-DSS preferred

Relevant certifications such as CISSP, CISM, CRISC, or similar are highly desirable

2 years of experience building software for data privacy or security (e.g., identity and access management).

Bachelor’s degree or equivalent practical experience.

2 years of experience with data structures or algorithms in either an academic or industry setting.

2 years of experience with performance, large scale systems data analysis, visualization tools, and/or debugging.

Contribute to existing documentation or educational content and adapt content based on product/program updates and user feedback.

Master's degree or PhD in Computer Science or related technical fields.

Compliance Management - Assess and facilitate compliance of the organization with external regulatory requirements that relate to security.

Special Knowledge, Skills, and Abilities

Security Management - Establishment, facilitation or directing of processes to protect an organization's facilities, assets, information, and services.

People Management - Direct and indirect management of teams, employees and stakeholders Provide leadership and motivation as required.

Manage teams (Indirect) Clarify individual roles and responsibilities.

Direct management of assigned staff as well as mentoring others.

Certifications in health information management (RHIT, RHIA, etc.) preferred.

CHPC certification, J.D., or equivalent compliance or consulting experience.

Extensive knowledge and experience in U.S. federal and state privacy laws.

Experience with the EU General Data Protection Rule and other international privacy requirements a strong plus.

Manages all day-to-day aspects of the VUMC Privacy Office, with support from regional hospital Facility Privacy Officers.

Bachelor's Degree or equivalent experience in an applicable health care field.

Excellent organizational, analytical, problem solving, presentation, project management, written and oral communication skills

Provide information about the privacy program and privacy risk to the Board of Directors and Executive Management Group.

Bachelor’s degree or equivalent experience required, and 10+ years relevant experience; JD preferred; IAPP privacy credentials a plus

Expert knowledge of global, federal and/or state laws governing data privacy

Strong leadership and interpersonal skills

The ability to build and manage relationships and facilitate collaboration and communication

Experience in identifying and mitigating security vulnerabilities in smart contracts.

Develop and maintain incident response plans and manage security incidents when they occur.

Prior blockchain/crypto/web3 experience is a must.

10+ years experience as an ISO or similar role in a relevant industry.

Experience with the fundamentals of blockchain technology, developer platforms, game design, and/or token economics.

Excellent communication skills with the ability to communicate complex technical information to non-technical stakeholders.

Proven leadership skills and ability, including influencing key stakeholders and Sr. Management (C-suite)

Develop a comprehensive Identity Management architecture and strategy and drive the implementation of identity management discipline

MBA, MS or other advanced degree preferred and 15+ years of similar experience as noted above and

Extensive previous leadership experience also required

Ability to effectively manage, mentor and train personnel and ability to motivate and influence personnel to achieve goals

Requires in-depth knowledge of the functional areas, business strategies, and the company’s goals

Solid business acumen and experience with risk management

Oversee risk management and regulatory compliance efforts in partnership with legal and internal audit

Evolve our portfolio management functions and capacity planning to drive cost efficiencies

10+ years of direct accountability for identification of talent and management of individuals from both business backgrounds and technology disciplines

Experience making calculated risk-based investment decisions (capabilities, talent, partnerships) that include support (and accountability) from our business partners

Optimize investments in our platforms, security-enabling products, and capabilities

Specific Knowledge, Skills, or Abilities

Specific License or Certification (Preferred) or Required within the first year of employment:

Equipment, Machinery, Tools, and Materials Utilization

From the day you start, you’ll receive:

30 days paid vacation per year

[The Naval Postgraduate School (NPS)](https://nps.edu/)

- Professional security management certification.

- Knowledge of common information security management frameworks, such as ISO/IEC 27001, NIST, and FFIEC.

- Develop, implement, and monitor a strategic and comprehensive enterprise information security and IT risk management program.

- Work directly with the business units to facilitate risk assessment and risk management processes.

- Develop and enhance an information security management framework.

- Partner with business stakeholders across the organization to raise awareness of risk management concerns.

Communicate risks to senior management and recommend mitigations

Meet with project management and IT leaders to ensure Information Security and Privacy alignment for both new and existing technology solutions.

Define and manage the roadmap for Information Security and Privacy solutions and capabilities.

Risk Analysis Experience: Qualitative and quantitative risk analysis, including cost-benefit analysis in decision-making.

Participate in the active balancing of business and technical priorities in order to maximize benefits to World Vision's ministry.

Manage exceptions to Information Security and Privacy standards at an enterprise level.