Consultant - Chief Information Security Officer
Arootah is a premier alternative investments advisory and executive coaching firm that empowers finance executives and their teams to unlock peak performance in all areas.
Hedge Fund/Family Office Consultant – Chief Information Security Officer (CISO)
Join our experienced roster of consultants that support Hedge Funds and Family Offices. Arootah is a personal and professional development leader in the Investment and Financial Services industry. Our mission is to provide top business advisory services to our hedge fund client base.
WHO WE NEED: Arootah is searching for experienced Chief Information Security Officers to consult for our highly prestigious client base. As a consultant, you will work with our Hedge Fund and Family Office clients to provide expert advice. Having previously served in the role of Chief Information Security Officer, you have specific, hands-on experience building, maintaining, and operating the full Cybersecurity Program for a leading Hedge Fund or Family Office.
WHAT YOU WILL DO AS A CONSULTANT:
- Provide advice and guidance to Arootah clients who seek help with their Cybersecurity needs.
- Develop realistic and effective monthly action plans.
- Identify internal and contextual roadblocks.
- Break apart goals into actionable steps.
- Devise a plan of action for each goal.
- Provide the client with resources associated with implementing their action plan.
- Implement policies, procedures, and control measures.
- Review, analyze and report on client tools and resources to ensure industry best practices.
- Evaluate each client’s advancement toward goal actualization through key performance indicators (KPIs) and scoring matrices.
- Maintain and share detailed and accurate records of consulting results (challenges, breakthroughs, etc.).
SPECIFIC AREAS OF EXPERTISE:
- Develop, implement, and monitor a strategic, comprehensive enterprise and application IT cybersecurity program.
- Drive security standards across the organization, including information security policies, procedures, and guidelines.
- Create and maintain a security awareness training program.
- Analyze and test systems and processes to understand vulnerabilities to cyber threats.
- Partner with security experts and outside vendors to ensure all technology platforms meet all security requirements and continue to evolve over time to meet changing needs and best practices.
- Continuously and measurably improve technology and data security.
- Provide strategic and tactical vision, along with execution focused on incident prevention, detection, and response.
- Identify, track, and communicate detailed metrics indicating overall security risk factors.
- Ensure the organization's capability to analyze and mitigate security threats.
- Work with team members and developers on the design and development of threat deterrence and defense technologies and risk mitigation infrastructure.
- Implement an incident response program to identify and respond if any breach (internal or external) or misuse of data takes place.
- Conduct research to understand emerging threats and develop innovative risk management approaches, tools, and analytics to better manage risk.
- Brief executive leadership regularly on current cybersecurity threats and challenges, and the status of the information security management system.
- Lead the periodic internal risk assessment, document its findings, and develop recommendations to address deficiencies.
- Identify areas where automation and machine learning can improve the team’s scalability.
- Own the Information Security annual budget and operate within the budget.
- Provide leadership, supervision, coaching, and guidance across the team in achievement of organizational and departmental goals.
QUALIFICATIONS & REQUIREMENTS:
- A Bachelor’s degree in Computer Science, Computer/Electrical Engineering, Information Systems, Information Sciences, or a related field with a strong academic record.
- An MBA or other relevant graduate degree is a plus.
- Certified Information Systems Security Professional (CISSP) or similar (CISA, CISM, etc.) is a plus.
- 7+ years of relevant experience at a hedge fund, family office, or financial institution serving as a Chief Information Security Officer.
- 5 or more years of IT implementation experience.
- Experience in cloud-only, cloud-first infrastructure, and deploying cloud information security solutions.
- Firm understanding and ability to implement zero-trust security.
- Firm understanding and experience with Software Defined Networking and Cloud Networking.
- Firm understanding of single sign-on and multi-factor authentication platforms.
- Experience driving discussions with senior personnel regarding trade-offs, best practices, project management, and risk mitigation.
- Firm understanding of work-from-anywhere models.
- Experience with IT compliance and risk management requirements.