Lead Information System Security Officer

WME Needs Lead Information System Security Officer

 

Position: Full-Time
Location: Remote
Start Date: June 1, 2023
Nationality: Any

Windows Management Experts (WME) is looking for a Lead Information System Security Officer. The Lead shall have functional knowledge of all areas of cybersecurity, and in particular of the federal cybersecurity guidance documents, including OMB Memorandums, FISMA, and NIST Special Publications.

As a Lead Information System Security Officer, you will play a crucial role in safeguarding our client organization’s sensitive and confidential data from unauthorized access, use, disclosure, modification, or destruction. You will be responsible for leading the development and implementation of their information security program, ensuring that it meets the highest industry standards, complies with relevant regulations, and aligns with their business objectives and risk appetite.

You will lead a team of security professionals, including security analysts, engineers, and administrators, and work closely with executive leadership, business units, and IT teams to ensure that our security program is integrated into all aspects of our business operations. You will be a subject matter expert in security governance, risk management, and compliance, and provide thought leadership and guidance to the organization on security-related matters.

As a Lead Information System Security Officer, you will need to have a deep understanding of security technologies, threats, and trends, as well as excellent communication and interpersonal skills. You will need to be able to communicate complex security concepts to technical and non-technical audiences and establish and maintain effective relationships with stakeholders across the organization.

All in all, WME is looking for exceptional communication and interpersonal skills in our new team member. The candidate's toolbox must be diverse and complete. From being technically savvy to displaying a vigorous passion for learning beyond their traditional areas of expertise, the candidate must prove to be an asset to the company.

Required Skills/Qualifications/Education:

  • Degree in Computer Science, Information Systems, or a related discipline from an accredited college or university required.
  • 10+ years’ IT Security experience, preferably in an ISSO or ISSM role.
  • Certification(s) in information technology security (e.g., CISSP or CISM).
  • Ability to implement information security requirements for IT systems through the Risk Management Framework (RMF).
  • Excellent written and verbal communication skills including the ability to communicate effectively with internal stakeholders.
  • Experience in developing and implementing security policies, procedures, and guidelines in compliance with industry best practices and regulatory requirements such as NIST, ISO, HIPAA, or PCI DSS.
  • Knowledge of network security protocols, such as TLS/SSL, IPSec, SSH, and VPN, and experience configuring and managing network security devices, such as firewalls, routers, and switches.
  • Strong understanding of cloud security architecture and experience securing cloud-based environments, such as AWS, Azure, or GCP.
  • Expertise in performing security risk assessments, vulnerability assessments, and penetration testing, and ability to analyze and report on security-related metrics and trends.
  • Familiarity with security incident response procedures and experience leading incident response teams in identifying, containing, and mitigating security incidents and breaches.
  • Knowledge of identity and access management (IAM) concepts and technologies, such as SSO, MFA, RBAC, and LDAP, and experience implementing and managing IAM solutions.
  • Ability to stay current with emerging security technologies, threats, and trends, and provide thought leadership and guidance to the organization on security-related matters.

Responsibilities of the Desired Lead Information System Security Officer:

  • Develop and maintain the organization’s information security strategy, including goals, objectives, and roadmap, in alignment with business objectives and risk appetite.
  • Lead the organization’s security governance, risk management, and compliance (GRC) efforts, including overseeing the implementation of security controls, risk assessments, and audits.
  • Develop and maintain the organization’s security policies, procedures, and standards, ensuring they are up to date, communicated effectively, and enforced consistently across the organization.
  • Establish and maintain relationships with key stakeholders across the organization, including executive leadership, business units, and IT teams, to ensure alignment and buy-in on security initiatives and priorities.
  • Lead the incident response team in responding to security incidents, including identifying, containing, investigating, and remediating incidents, and reporting them to relevant stakeholders.
  • Manage the security awareness and training program, including developing and delivering security awareness training to employees and contractors on a regular basis.
  • Monitor and analyze security-related data from various sources, including security devices, logs, and threat intelligence feeds, to identify potential security threats and take appropriate actions to mitigate them.
  • Lead the security architecture and engineering efforts, including designing and implementing security solutions and technologies that meet business requirements and comply with security standards and regulations.
  • Manage relationships with third-party security vendors, including conducting due diligence assessments, negotiating contracts, and overseeing the delivery of services.
  • Participate in security-related forums and conferences, stay up to date with emerging security technologies and trends, and provide thought leadership to the organization.
  • Develop and maintain security metrics and dashboards that report on the effectiveness of the security program and communicate security risks and trends to relevant stakeholders.
  • Continuously evaluate and improve the security program, including conducting regular security assessments and audits, identifying areas for improvement, and implementing changes to address gaps and risks.

Core Values:

  • Integrity (Doing What’s Right)
  • Inclusion (Encouraging Diversity)
  • Teamwork (Working Together)
  • Excellence (Being Your Best)
  • Accountability (Taking Personal Responsibility)

Disclaimer

All qualified applicants will receive due consideration for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
