Reports to: President
Location: Maryland (Hybrid remote)
Position Summary:
- The Chief Information Security Officer (CISO) is responsible for establishing and maintaining RKCS's enterprise-wide information security program to ensure that all information assets are adequately protected. The CISO will be responsible for identifying, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements and aligns with and supports the risk posture of the organization.
Key Responsibilities:
- Security Strategy Development & Implementation: Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure the integrity, confidentiality, and availability of information assets.
- Risk Management: Perform regular security assessments, audits, and relevant risk assessments, communicating results to executive management and board members.
- Policy Development: Develop and implement information security policies, standards, guidelines, and procedures.
- Incident Management: Lead the incident response team in effectively mitigating security incidents, including data breaches and cyber-attacks, and collaborate with the legal department for any necessary follow-up.
- Compliance & Audit: Ensure that the company is in compliance with all relevant legal and regulatory requirements, including data protection laws and cybersecurity standards like ISO 27001, GDPR, and any industry-specific guidelines.
- Employee Training and Awareness: Develop and manage a security awareness and training program for all employees.
- Vendor Management: Ensure that security is integrated into the third-party vendor risk management process.
- Budget Management: Responsible for information security budget and allocations, ensuring cost-effective resource use.
- Technology Evaluation: Evaluate new cybersecurity threats and IT trends and adapt current processes and technologies to mitigate risks to the organization.
- Reporting: Regularly update the executive team and the board of directors on the status of information security, risks, and projects.
Qualifications:
- Bachelor’s degree in computer science, Information Technology, or a related field, Master’s preferred.
- Minimum of 10 years of experience in a combination of risk management, information security, and IT roles.
- At least 5 years of experience in a senior leadership role.
- Relevant certifications such as CISSP, CISM, CISA, etc.
- Strong understanding of firewall and intrusion detection/prevention technologies.
- Experience with contract and vendor negotiations.
- Excellent written and verbal communication skills.
Key Competencies:
- Strong leadership skills
- Excellent communication and organizational skills
- Analytical thinking and problem-solving capabilities
- Ability to manage multiple priorities
- Adaptability and stress tolerance
Interested candidates should submit their application, including a cover letter and resume, to careers@rkcybersolutions.com.
BENEFITS
- 4 Health Insurance Options
- GAP Insurance Options
- Dental Plan
- Life Insurance Options
- Long-term Disability
- Short-term Disability
- Legal Option
- HSA Option
- PTO
- 401k Plan
- Pension Plan
#J-18808-Ljbffr
