Lead Information System Security Officer

WME Needs Lead Information System Security Officer

 

Position:
Full-Time
Location: 
Remote
Start Date: 
June 1, 2023
Nationality:
Any

Windows Management Experts (WME) is looking for a Lead Information System Security Officer role. The Lead shall have functional knowledge in all areas of cybersecurity, but in particular, the federal cybersecurity guidance documents including OMB Memorandums, FISMA, and NIST Special Publications.

As a Lead Information System Security Officer, you will play a crucial role in safeguarding our client organization’s sensitive and confidential data from unauthorized access, use, disclosure, modification, or destruction. You will be responsible for leading the development and implementation of their information security program, ensuring that it meets the highest industry standards, complies with relevant regulations, and aligns with their business objectives and risk appetite.

You will lead a team of security professionals, including security analysts, engineers, and administrators, and work closely with executive leadership, business units, and IT teams to ensure that our security program is integrated into all aspects of our business operations. You will be a subject matter expert in security governance, risk management, and compliance, and provide thought leadership and guidance to the organization on security-related matters.

As a Lead Information System Security Officer, you will need to have a deep understanding of security technologies, threats, and trends, as well as excellent communication and interpersonal skills. You will need to be able to communicate complex security concepts to technical and non-technical audiences and establish and maintain effective relationships with stakeholders across the organization.

All in all, WME is looking for some exceptional communication and interpersonal skills in our new team member. The candidate’s toolbox must be diverse & complete. From being technically savvy to displaying a vigorous passion for learning beyond their traditional areas of expertise, the resource must prove to be an asset to the company.

Required Skills/Qualifications/Education:

  • Degree in Computer Science, Information Systems or related discipline from an accredited college or University required.
  • 10+ years’ IT Security experience, preferably in an ISSO or ISSM role.
  • Certification(s) in information technology security (e.g., CISSP or CISM).
  • Ability to implement information security requirements for IT systems through the Risk Management Framework(RMF)
  • Excellent written and verbal communication skills including the ability to communicate effectively with internal stakeholders.
  • Experience in developing and implementing security policies, procedures, and guidelines in compliance with industry best practices and regulatory requirements such as NIST, ISO, HIPAA, or PCI DSS.
  • Knowledge of network security protocols, such as TLS/SSL, IPSec, SSH, and VPN, and experience configuring and managing network security devices, such as firewalls, routers, and switches.
  • Strong understanding of cloud security architecture and experience securing cloud-based environments, such as AWS, Azure, or GCP.
  • Expertise in performing security risk assessments, vulnerability assessments, and penetration testing, and ability to analyze and report on security-related metrics and trends.
  • Familiarity with security incident response procedures and experience leading incident response teams in identifying, containing, and mitigating security incidents and breaches.
  • Knowledge of identity and access management (IAM) concepts and technologies, such as SSO, MFA, RBAC, and LDAP, and experience implementing and managing IAM solutions.
  • Ability to stay current with emerging security technologies, threats, and trends, and provide thought leadership and guidance to the organization on security-related matters.

Responsibilities of the Desired Lead Information System Security Officer:

  • Develop and maintain the organization’s information security strategy, including goals, objectives, and roadmap, in alignment with business objectives and risk appetite.
  • Lead the organization’s security governance, risk management, and compliance (GRC) efforts, including overseeing the implementation of security controls, risk assessments, and audits.
  • Develop and maintain the organization’s security policies, procedures, and standards, ensuring they are up to date, communicated effectively, and enforced consistently across the organization.
  • Establish and maintain relationships with key stakeholders across the organization, including executive leadership, business units, and IT teams, to ensure alignment and buy-in on security initiatives and priorities.
  • Lead the incident response team in responding to security incidents, including identifying, containing, investigating, and remediating incidents, and reporting them to relevant stakeholders.
  • Manage the security awareness and training program, including developing and delivering security awareness training to employees and contractors on a regular basis.
  • Monitor and analyze security-related data from various sources, including security devices, logs, and threat intelligence feeds, to identify potential security threats and take appropriate actions to mitigate them.
  • Lead the security architecture and engineering efforts, including designing and implementing security solutions and technologies that meet business requirements and comply with security standards and regulations.
  • Manage relationships with third-party security vendors, including conducting due diligence assessments, negotiating contracts, and overseeing the delivery of services.
  • Participate in security-related forums and conferences, stay up to date with emerging security technologies and trends, and provide thought leadership to the organization.
  • Develop and maintain security metrics and dashboards that report on the effectiveness of the security program and communicate security risks and trends to relevant stakeholders.
  • Continuously evaluate and improve the security program, including conducting regular security assessments and audits, identifying areas for improvement, and implementing changes to address gaps and risks.

Core Values:

  • Integrity (Doing What’s Right)
  • Inclusion (Encouraging Diversity)
  • Teamwork (Working Together)
  • Excellence (Being Your Best)
  • Accountability (Taking Personal Responsibility)

Disclaimer

All the qualified applicants will receive due consideration for employment without any regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Share:

Facebook
Twitter
LinkedIn

Apply for this Job

    You can opt out if you are not interested in updates about this job and related jobs.

    On Key

    More Posts

    Power BI - Developer

    Power BI – Developer

    Location:     REMOTE Work:           FULL-TIME Start Date:   ASAP Nationality:  REMOTE Windows Management Experts (WME) is seeking a motivated and experienced Power BI Developer Role to join one of our client companies. As a BI developer, you will focus on converting raw

    Read More »
    Security Risk Management Contractor

    Security Risk Management Contractor

      Position: Full-Time Location:  Remote Start Date:  ASAP Nationality: Any Duration: 9-10 Months Windows Management Experts (WME) is seeking a motivated and experienced Security Risk Management Contractor Role to join one of our client companies. Our client company is an Advisory, Assurance, Tax Firm. You

    Read More »
    Linux Consultant Engineer Required by WME

    Linux Consultant Engineer

      Position: Full-Time Location:  Remote Start Date:  ASAP Nationality: Any Windows Management Experts (WME) is seeking a motivated and experienced Linux Consultant Role to join one of our client companies. Your primary focus will be on overseeing and participating in the patching processes of their

    Read More »

    System Engineer FL

      Position: Full-Time Location:  Tampa, FL Based Start Date:  ASAP Nationality: Any Windows Management Experts (WME) is looking for a motivated & experienced System Engineer Role to join one of our valued clients for a migration implementation project. As the lead system engineer, you’ll use your

    Read More »
    Network Engineer Required by WME

    Network Engineer FL

    Position:         Full-Time Location:        Tampa FL Based Start Date:      ASAP Nationality:     ANY Windows Management Experts (WME) is looking for a motivated & experienced Network Engineer Role to join one of our valued clients for a migration

    Read More »
    Hybrid AD Migration Engineer required by WME

    Hybrid AD Migration Engineer

    Position:         Full-Time Location:        Remote Start Date:      ASAP Nationality:     ANY Windows Management Experts (WME) is looking for a motivated and experienced Hybrid AD Migration Engineer Role to join one of our client companies. The candidate

    Read More »

      You can opt out if you are not interested in updates about this job and related jobs.