Chief Information Security Officer

*CIS is no longer accepting applications for this position*

About the Job

The Chief Information Security Officer (CISO) position is assigned to the Executive Team at CIS. Reporting to the Chief Operation Officer, the CISO will partner with other cybersecurity team members to promote the CIS mission and help support our growth. The primary purpose of this position is to direct strategy, operations, and policy for the protection of the enterprise information assets. The scope of responsibility will encompass communications, applications, and infrastructure, including the development and enforcement of the policies and procedures which apply. This position is located on-site at our Headquarters in East Greenbush, NY.

Here’s a Snapshot of your Tasks and Responsibilities

  • Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program;
  • Ensure that disaster recovery and business continuity plans are in place and tested;
  • Review and approve security policies, controls, and cyber incident response planning;
  • Identify risks and actionable plans to protect the business;
  • Create, communicate and implement a risk-based process for vendor risk management, including the assessment and treatment of risks that may result from partners, consultants, and other service providers;
  • Manage information security and risk management awareness training programs for all approved systems users;
  • Provide regular reporting on the current status of the information security program to senior staff and the board of directors;
  • Coordinate information security and risk management projects with resources from the IT organization and business units;
  • Ensure continued compliance of the security programs with all applicable laws and regulations;
  • Oversee identity and access management;
  • Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities;
  • Manage security incidents and events to protect corporate IT assets, including IP, data and company reputation;
  • Conduct periodic security audits;
  • Responsible for the implementation and maintenance of the most current version of the CIS 20 Critical Controls;
  • Maintain a current understanding of the cyber threat landscape;
  • Ensure that all cybersecurity policies and procedures are communicated to all personnel and that compliance is enforced;
  • Coordinate all employees, contractors, and vendors involved in IT security;
  • Provide training and mentoring to security team members;
  • Constantly update the cybersecurity strategy to leverage new technology and threat information;
  • Coordinate security tool deployment and implementation;
  • Serve as the expert advisor to the executive team on status and risks, conduct research and provide updates on industry standards;
  • Operate as the CIS lead on the CIS Board of Directors Risk Committee;
  • Oversee the overall security architecture, strategy, and necessary budget;
  • Communicate best practices and risks across the organization;
  • Other duties as assigned

What are we looking for in you?

  • Bachelor’s degree in Computer Science, IT Security or related field
  • 10+ years’ experience in IT and Security, 4 of which were in a senior management role
  • 5 years’ experience in project management
  • Previous CISO experience
  • Technical knowledge of different types of networking, applications and operating systems
  • Regulatory compliance knowledge, including HIPAA, SOX, PCI, NIST and GLBA
  • Understanding of International, Federal, State and Local laws concerning data acquisition, protection and transmission
  • Quantitative Risk Assessment experience
  • Strong leadership and people management abilities
  • Strong attention to detail
  • Excellent interpersonal skills and professional demeanor
  • Excellent verbal and written communication skills
  • Excellent customer service skills
  • Must be authorized to work in the United States

Preferred Qualifications:

  • Master’s Degree in Computer Science or related field
  • One or more of the following professional certifications is preferred:
    • CCISO, CISSP, CISM, CGEIT, SANS/GIAC

The CIS Offer

  • A culture that is engaging, fun and energetic
  • An organization that supports Work/Life balance
  • Competitive compensation
  • Comprehensive benefits package including:
    • Medical, dental, vision and life insurance
    • 401K plan with company match
    • Maternity, paternity and military leave
    • Paid time off upon date of hire and more!
  • Tuition and certification reimbursement
  • On-site wellness programs
  • Community involvement opportunities
  • An environment that promotes growth and professional development including our award-winning training opportunities