| Location | |
| Country: | United States |
| State/Prov: | New York |
| City: | New York |
| Position | |
| Position/Title: | CISO |
| Position Type: | Permanent F/T |
| Closing Date: | 2008-08-03 |
| Job Description: |
Scope of Position: This person will have overall responsibility for all aspects of information security throughout our client's company and will be responsible for ensuring that our client's environment and processes are secure and in compliance with all relevant government regulations and contractual obligations. Responsibilities: * Ensuring general information security for our client (putting the proper measures in place to protect the confidentiality, integrity and availability of information housed by our client). * Identify, prioritize and track information security vulnerabilities. * Advise senior management on identified vulnerabilities and appropriate information security structures, policies and procedures. * Establish, maintain and customize information security controls to provide cost effective protection that is responsive to the confidentiality, integrity and availability needs for information owned by or in our client's custody. * Work cross-departmentally to establish and implement mechanisms for identifying and addressing security vulnerabilities. * Establish and lead Information Security Committee. * Maintain active involvement in all new product development activities to ensure products comply with information security and privacy standards. * Coordinate with the Information Technology Department on protection goals, objectives and metrics to measure effectiveness of new procedures and policies. * Coordinate with the Legal Department on compliance with all relevant laws and confidentiality requirements. * Coordinate with the Finance Department in ensuring implementation and maintenance of appropriate policies and controls. * Establish and maintain business processes with third parties. |
| Job Requirements: |
Skills Required: * Ability to independently establish and implement an organization-wide agenda. * Ability to assess, analyze and propose efficient and cost effective solutions to identified risks. * Strong relationship building and collaboration skills. * Flexibility and willingness to partner with key stakeholders. * Knowledge / familiarity with current security policy compliance requirements such as FERPA, HIPAA, GLB, SOX, PCI DSS . * Proven track record of successful implementation of new systems and procedures within organizations. * Familiarity with NIST and other applicable security standards. * Strong oral and written communication skills. * Significant project management experience. Experience, Education & Skills Requirements: * Bachelors degree from a 4-year college in Computer Science, Computer Information Systems, Management Information Systems, Business Administration, Public Policy, Law or other related field required. Advanced degree highly desirable. * Minimum of 10 years of professional experience. * Substantial (min 2-3 years) early experience as a software developer and/or information technology specialist. * At least 3 years with primary focus of activities in information security, with at least 1 year of senior level responsibility for organizational information security. * Experience in the development and implementation of security programs, policies, and procedures. * Demonstrated ability to present plans and proposals to Executive Management. * CISSP certification preferred. |
| Contact Information | |
| Contact Directions: |
Please email your resume and salary requirments with a number to contact you on: jcarrillo (at) jpatrick (dot) com [email concealed] Thank you for your interest. |
| Company: | J. Patrick & Associates |
| First Name: | Julia |
| Last Name: | Carrillo |
| Title: | Executive Recruiter |
| Email: | jcarrillo (at) jpatrick (dot) com [email concealed] |