Chief Information Security Officer (CISO)

Chief Information Security Officer

GuideIT is a US based technology services company focused on providing value to its customers through technology alignment and optimization. We are currently looking for a Chief Information Security Officer to join our Plano, TX team. This is a hybrid role. Only local candidates will be considered.

About the Role

Our Chief Information Security Officer (CISO) is responsible for establishing and maintaining an information security management program to ensure that company assets are adequately protected. This position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements and aligns with and supports the risk posture of GuideIT. The CISO position requires a visionary leader with sound knowledge of business management and a working knowledge of information security technologies. The CISO will proactively work with business units to implement practices that meet defined policies and standards for information security.

Responsibilities

• Direct and manage information technology strategic plans, programs, and schedules for business and finance data processing, computer services, network communications and management information services.
• Lead the development and management of a comprehensive cybersecurity program, crucial for protecting our company's assets and infrastructure, while facilitating secure digital transformation.
• Ability to collaborate with individual contributors and business leaders to define business process issues, operational efficiencies, implement creative solutions and measure delivery results.
• Effective management of the client relationship.
• Identify emerging information technologies to be assimilated, integrated and introduced within the client account.
• Capable of leading and inspiring cross-functional, interdisciplinary teams to accomplish both tactical and strategic objectives with a keen focus on achieving business outcomes.
• Exhibits a high level of personal integrity and professionalism, with the capacity to manage confidential matters with discretion and maturity.
• Safeguard technology deployments are properly implemented, integrated and supported.
• Develop and manage privacy and security awareness training programs for employees to promote a culture of security and privacy awareness and best practices throughout the organization.
• You can articulate complex cybersecurity concepts to both technical and non-technical audiences. You are adept at translating security problems to business impact.
• Experience with highly regulated industries such as healthcare, financial services, government, and publicly listed companies.
• Familiarity with securing and operating on public Cloud (AWS, Azure, GCP) providers.
• Liaise with the enterprise architecture team to ensure alignment between the security and enterprise architectures, thus coordinating the strategic planning implicit in these architectures.
• Ensure that security programs follow relevant laws, regulations, and policies to minimize or eliminate risk and audit findings.
• Continuous risk management.
• Conduct regular security audits, assessments and penetration tests to identify vulnerabilities.
• Establish and administer a privacy and security incident response process and be actively engaged on high priority incidents, including preparation, investigation, response and impacted customer notification and communications.
• Coordinate the use of external resources involved in the information security program, including, but not limited to, interviewing, negotiating contracts and fees and managing external resources.
• Facilitate and build upon a whole-of-state approach to cybersecurity.

Qualifications

• Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other similar credentials, is desired.
• Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field, or equivalent experience.
• Minimum of eight to ten years of experience in a combination of risk management, information security and IT roles. At least three must be in a leadership role. Employment history must demonstrate increasing levels of responsibility.
• Deep understanding of cybersecurity technologies, practices and methodologies, including intrusion detection systems, firewalls, anti-virus software, data encryption and emerging technologies, such as: AI, IoT, cloud computing.
• Expert in application of the NIST and ISO 27001 Risk Management and Cybersecurity Frameworks
• Poise and ability to act calmly and competently in high-pressure, high-stress situations.
• Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment.
• Must be a critical thinker, with strong analytical and problem-solving skills.
• Knowledge and understanding of relevant legal and regulatory requirements, such as the General Data Protection Regulation (GDPR) and Health Insurance Portability and Accountability Act (HIPAA).
• Project management skills: financial/budget management, scheduling and resource management.
• Master's degree in Computer Science, Information Systems, Engineering, Business, or related discipline, or equivalent training/experience (preferred).

Must reside in the Dallas/Ft. Worth area. Only local applicants will be considered.

More About GuideIT

Headquartered in Plano, Texas, our services, and solutions are designed to align technology with business outcomes, maximize value through cost management, and allow rapid, proactive response to change. At GuideIT, we are looking for candidates that have a high level of integrity and thrive in a team environment centered on mutual trust and respect. Our team members are results oriented and highly adaptable. In addition to a dynamic environment, GuideIT offers competitive pay, performance-based bonuses, 401K, health, dental and vision insurance coverage, paid holidays, and paid time off. GuideIT is committed to Equal Employment Opportunity. It is the policy of GuideIT to encourage and support equal employment opportunity for all Team Members and applicants for employment without regard to sex, race, color, ancestry, religious creed, national origin, pregnancy, physical disability, mental disability, medical condition, age, marital status, political affiliation, sexual orientation, disabled veteran, or Vietnam era veteran status.