Our Dallas-based client is in the business of removing limits to global business. With holdings in over 30 global markets and nearly 200 locations, this technology leader is looking for a sharp and experienced security leader to serve as the Chief Information Security Officer (CISO) in either our Dallas, TX or Austin, TX locations.
This is a growth opportunity for a seasoned global security leader to serve as the internal advisor and business partner on a wide variety of security and technology related opportunities. The CISO, through partnership with key leaders across the organization, will ensure alignment of security resources to drive the success of the business.
Additionally, the CISO guides the Executive Leadership Team by recommending and prioritizing investments and projects that mitigate overall risks, strengthen defenses and reduce vulnerabilities for development, internal and client-facing systems. This role serves as an expert advisor to senior management in the development, implementation and maintenance of a Company-wide information security infrastructure to ensure best practice control objectives are achieved for system integrity, availability, confidentiality, accountability and assurance. S/he will need strong leadership and strategic agility coupled with intellect and depth of business and cyber security related experience to instill confidence with the business.
The CISO will act as the internal advisor and business partner on a wide variety of security and technology related opportunities for the company. It will be the CISO’s responsibility, through partnership with key leaders across the organization, to ensure that security resources are aligned to drive the success of the business.
- Demonstrated experience with large-scale, global M&A activities in assessing security risks and exposure
- Technology background that includes experience serving as CISO or Head of Cyber Security function.Minimum 15+ years of leadership experience in IT Security, cybersecurity, IT Audit or related are required
- Proven experience building credibility and collaborating with senior business leaders to assess organizational challenges, institute prioritization and deliver results
- Competent in IT risk assessment and management, IT continuity management, IT governance formulation, and organizational change management
- Solid experience building organizational capability and developing and building a team
- ensure the right people are in place to accomplish the organization’s goals
- dynamic leader that motivates others such that individual and team performance exceed the sum of the parts
Ideally, this person
- Operates with a sense of urgency in executing the company’s missions and is able to adapt quickly to evolving leadership requirements
- Possesses strong situational awareness; demonstrates maturity, seasoning and good judgment; has the adaptability and agility to absorb and digest what is happening within a dynamic and rapidly evolving environment and respond accordingly.
- Confident; listens, takes advice and seeks out advice; operates with a quiet competence; demonstrates humility, openness, and transparency.
- Possesses unquestioned ethics and integrity; models company values in every interaction and capable of holding themselves and the organization to a higher standard (understands the organization’s critical role in making the Internet work every day and connecting people to where they want to go); a values-based leader who sets the tone at the top and leads by example.
- Working knowledge of IT financial management and IT audit
- Excellent verbal and written communication skills
- Ability to react to high-pressure dynamic changing environments
- Ability to train security concepts to all areas of the business
- Fosters and builds a collaborative working relationship with various stakeholders
- Ability to develop a Security Vision in support of overall Business and Organizational goals
- Motivate and lead both direct reports and cross-functional teams
- Strong problem solving and analytical skills
- Expert in information security policy formulation, information security management, and business risk management
- Professional experience in running the information security office analyzing and applying information security, risk management, and privacy practices
- Extensive experience in strategic planning, budgeting, and allocation
- Consulting and general industry experience
- Experience in law enforcement and/or national security is highly relevant
- Knowledge of national and international regulatory compliances and frameworks such as GDPR, GLBA, ISO, SOX, BASEL II, EU DPD, HIPAA, NIST, FISMA, CobiT, ISF and PCI DSS
- Experience with secure coding standards, ethical hacking techniques, IDS/IPS, SIEM
Education and Relevant Certs
- Bachelor’s degree in either Information Security, Computer Science, Information Management Systems, or related field or equivalent work experience
- Master’s degree or MBA preferred
- CISSP, CISM, CISA, CSSLP, CCFP, PMP and other cybersecurity credentials
The Chief Information Security Officer (CISO) plays an integral part in the development, implementation, and compliance of technical security across the enterprise. The CISO is responsible for managing risks related to information security, physical security, business continuity planning, crisis management, privacy, and compliance. In addition, the CISO ensures all staff members are trained on enterprise and governmental security requirements through awareness programs.
- Chairs an Executive steering committee that brings together key Business stakeholders to develop and review enterprise security and risk strategies
- Collaborates with cross-functional Business, Product and Technology Delivery teams to identify, deploy, support and monitor adopted standards, policies and guidelines
- Collaborates with Business and Technology teams to ensure business continuity planning meets Service Level and compliance requirements
- Participates in and guides Business Continuity testing and continuous improvement
- Provides guidance (e.g., information security risk severity assessments / relative cost benefit analysis etc.) and recommendations regarding prioritization of investments and projects that mitigate risks, strengthen defenses and reduce vulnerabilities.
- Acts as the primary Company control point during follow-up on significant information security incidents, oversee development of response plans, forensics, custody of data, and provide timely update reporting.
- Provides guidance to business units as necessary to investigate security breaches and to pursue associated potential disciplinary and legal actions in collaboration with Human Resources and Legal counsel as appropriate.
- Understands the trade-offs required to manage the different levels of risk tolerance and risk exposure across the organization and balance this with risk investments
- Understands “voice of the customer” and develops mechanisms to proactively sense adoption and usage patterns of consumer technologies by end users so that policy can align with need
- Monitors industry trends and regulatory compliance with enterprise security policies and educates business unit leaders and service managers on compliance efforts
- Maintains relationships with local, state, and federal law enforcement and related government agencies as needed
- Maintains current certification in relevant practices
- Creates an information security awareness program to customize communication tools and campaigns for each business unit and integrated services group
- Proposes usage and security policies for information sharing on internal and external platforms
- Ensures security compliance with industry and government rules and regulations
- Establishes security metrics and reports performance
- Monitors and reports security/policy compliance
- Oversees execution of approved information security projects and internal/external security audits, and provide regular status reporting on progress of such projects.
- Leads a dedicated Information Security team with responsibility for both technical security and security-related compliance.
This position will ideally be located in our headquarters in Dallas, TX, however, we have some flexibility to hire in Austin, TX as well. If you're already living in Texas, we certainly don't need to sell you on staying, but if you're looking to relocate, here are five things to consider:
- The taxes are ridiculously low
- With a host of Fortune 500 companies in Texas, opportunity abounds
- Texas boasts a remarkably low cost of living - particularly if you're coming from the coast
- Robust economy
- You'll never shovel snow again!
Blackmere Consulting is an equal opportunity employer (EOE/AA/M/F/Vets/Disabled/Protected Statuses)