Chief Information Security Officer Job at Pailin Group Psc, Texas

  • Pailin Group Psc
  • Texas

Job Description

Reporting to the Chief Information Officer, the Chief Information Security Officer (CISO) is the most senior information protection officer for the organization. The CISO will be responsible for building and maintaining the vision, strategy, and programs necessary to ensure that information assets, technologies and data are adequately secured. As the champion of the organization’s next-generation strategy, this individual will also drive the success of a platform of state-of-the-art global shared security services.

The Chief Information Security Officer will be responsible for the following:

  1. Driving the continuous evolution and deployment of an enterprise-wide, world-class information risk management program.
  2. Identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements, and supports the risk posture of the enterprise.
  3. Defining and driving policies, standards and processes to ensure that our practices meet the global, regional and local needs of the business.
  4. Establishing and maintaining world-class integrated information security operations.
  5. Serving as the process owner of all ongoing activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information, in compliance with the organization's information security policies.
  6. Proactively working with business units and member firms around the world to implement practices that meet defined policies and standards for information security.
  7. Working with board and governance committees to determine acceptable levels of information security risk for the organization and ensuring that information security is managed effectively and efficiently in terms of program evaluation, reporting and cost management.

Specific responsibilities include:

  1. Leading the development and publishing of up-to-date security policies, standards and guidelines, and the enterprise-wide training and dissemination of security policies and practices.
  2. Managing the enterprise's security organization, including hiring, training, talent development and performance management.
  3. Ensuring that security programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.
  4. Setting and implementing consistent standards for IT security operations and support (e.g., intrusion detection systems, cyber security, firewalls, vulnerability assessment systems, penetration testing, secure email system, access control & identity management systems, network security).
  5. Managing research and development activities designed to assess need, analyze costs and benefits, and develop strategies for deploying and integrating progressive security techniques and technologies.
  6. Coordinating the use of external resources involved in the information security program, including, but not limited to, interviewing, negotiating contracts and fees, and managing external resources.
  7. Providing strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls.
  8. Creating information security and risk management awareness training programs for all employees, contractors and approved system users.
  9. Creating, communicating and implementing a risk-based process for vendor risk management, including assessment and treatment for risks that may result from partners, consultants and other service providers.
  10. Facilitating a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitating appropriate resource allocation, and increasing the maturity of the security.
  11. Understanding and interacting with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services, including, but not limited to, privacy, risk management, compliance and business continuity management.
  12. Interacting with clients and client service teams to ensure a level of understanding and confidence in Deloitte security practices.
  13. Collaborating with the Risk and Legal functions to ensure that consistent, comprehensive and effective practices are in place.

The ideal candidate will be a thought leader in the area of information security and privacy. He or she will be a consensus builder with a track record of integrating people and processes to drive a cohesive security strategy for a globally complex and diverse enterprise.

Job Requirements

Education:

  • Bachelor’s Degree in Information Security, Information Technology, Computer Science, Engineering or Mathematics or equivalent experience.

Years of Experience:

  • 15 years of relevant work experience.

Technical Skills / Desired Experience:

  • Mastery level understanding of information security concepts, principles and drivers.
  • Mastery level understanding of security, privacy, IT audit and legal security standards, guidelines and principles.
  • Mastery level understanding of information technology within a large, highly-distributed organization.
  • Strong understanding of state-of-the-art security technology and technical concepts.
  • Demonstrated ability to leverage advanced knowledge of a business structure and components of a product or service to identify current state for a project or endeavor; ability to analyze gaps caused by change initiatives and determine potential opportunities.
  • Experience conducting and/or coordinating technical security scanning, penetration testing, social engineering testing, application security testing, mobile device security analysis, network security analysis/operations.
  • Experience with enforcing secure coding practices, threat modeling, identity and access management, and/or security incident response/recovery.
  • Industry-recognized information security management certifications such as: Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), or Certified in Risk and Information Systems Control (CRISC) desired.
  • Proficiency with common information security management frameworks.

Other Skills / Qualifications:

  • Multiple years of successful leadership experience operating within the Deloitte network of member firms OR a comparable global professional services organization required.
  • Demonstrated ability to communicate effectively with stakeholders and customers regarding technical concepts.
  • Demonstrated experience with global or multinational clients; ability to advise and counsel clients.
  • Comprehensive understanding of strategic planning and program management.
  • High degree of personal integrity and ethics as well as a passion for securing data systems and networks.
  • Constantly striving for excellence using objective, transparent and agreed-upon standards.
  • Excellent written and verbal communication and presentation skills for leadership, technical and business audiences.
  • Exhibits strong leadership and management skills, business acumen, and the ability to build relationships to influence and drive change.
  • Prior knowledge and/or experience with budget management.
  • Superior analytical/problem-solving ability; superior critical thinking skills.
  • Strong ability to communicate across all levels of the organization.
  • Ability to work under constantly changing conditions and tight deadlines.
  • Ability to manage multiple goals and deadlines.

Ability to travel as needed (estimated at 50%-70%).

Well-qualified professionals, please forward your resume along with compensation requirements to the Pailin Group Professional Search Consultants.

Robert Martin, Informational Technology Group Division Manager

Job Tags

For contractors, Work experience placement, Local area
