Chief Information Security Officer (CISO) / IT Manager
Location: Near Schoharie, NY
Salary Range: $95,000 - $100,000 annually
Employment Type: Full-Time
Lead Information Security, Technology Operations & Regulatory Compliance
Our respected financial client in the Capital Region is seeking an experienced Chief Information Security Officer (CISO) / IT Manager to lead its information security program, technology operations, cybersecurity initiatives, regulatory compliance efforts, and business continuity planning.
This is a highly visible leadership position responsible for safeguarding critical information systems, ensuring compliance with regulatory requirements, and supporting the organization's long-term technology strategy. The successful candidate will serve as a trusted advisor to executive leadership and the Board while overseeing the organization's cybersecurity posture and IT governance framework.
Position Overview
The CISO / IT Manager will oversee the development, implementation, and ongoing management of the organization's information security and technology programs. This role is responsible for coordinating security efforts across departments, managing cybersecurity risks, supporting regulatory examinations, overseeing disaster recovery planning, and ensuring that technology infrastructure remains secure, reliable, and compliant.
This position combines strategic leadership, risk management, regulatory compliance, and hands-on technology oversight.
Key Responsibilities
Information Security Leadership
- Lead and manage the organization's Information Security Program
- Develop, implement, and maintain information security policies, procedures, and standards
- Serve as the organization's primary information security advisor
- Evaluate emerging cybersecurity threats and recommend appropriate safeguards
- Coordinate information security initiatives across all business units
- Provide regular updates and reporting to executive leadership and the Board of Directors
Cybersecurity & Risk Management
- Conduct annual information security risk assessments
- Evaluate cybersecurity risks and implement mitigation strategies
- Monitor access controls and user permissions across systems
- Oversee vulnerability management, security monitoring, and remediation efforts
- Review firewall reports, antivirus reporting, network scans, and software update compliance
- Ensure appropriate security controls are maintained throughout the organization
Regulatory Compliance & Audits
- Manage compliance with:
  - NYS Department of Financial Services (NYDFS) Cybersecurity Regulations
  - FFIEC Cybersecurity Assessment requirements
  - GLBA Information Security requirements
  - NIST and COBIT cybersecurity frameworks
  - PCI compliance standards
- Coordinate internal and external cybersecurity audits
- Prepare for and support regulatory examinations and assessments
- Monitor evolving regulatory requirements and implement necessary changes
Security Awareness & Training
- Develop and oversee cybersecurity awareness programs
- Provide security training for employees and leadership
- Deliver cybersecurity education and awareness initiatives
- Ensure users understand security policies and best practices
Incident Response & Security Operations
- Develop and maintain incident response plans and procedures
- Coordinate investigation and response efforts related to security incidents
- Serve as a key member of incident response and emergency management teams
- Review security events and oversee corrective actions
- Coordinate response activities with internal stakeholders and external partners
Business Continuity & Disaster Recovery
- Lead organization-wide disaster recovery and business continuity planning
- Coordinate testing and validation of critical technology systems
- Ensure recovery plans remain current and effective
- Oversee testing of critical infrastructure, applications, and vendor recovery capabilities
- Support pandemic planning and operational continuity initiatives
Vendor Risk Management
- Conduct vendor due diligence and cybersecurity reviews
- Review SOC reports, SSAE reports, and other third-party security assessments
- Evaluate cybersecurity insurance coverage and risk management practices
- Monitor vendor performance and compliance requirements
IT Management & Strategic Planning
- Participate in technology planning and long-term strategic initiatives
- Manage technology-related contracts and vendor relationships
- Oversee hardware and software inventory management
- Maintain software licensing and technology asset records
- Support budgeting and technology investment decisions
Technical Operations Support
- Provide backup support for IT infrastructure and end-user support functions as needed
- Assist with troubleshooting involving:
  - Active Directory
  - Firewalls
  - Network infrastructure
  - Windows environments
  - Core business systems
  - Workstations and end-user technologies
Job Requirements
Qualifications
Required Experience
- Experience leading information security, cybersecurity, or IT operations programs
- Strong knowledge of:
  - Cybersecurity frameworks
  - Risk assessments
  - Regulatory compliance
  - Incident response
  - Business continuity planning
- Experience working within regulated industries, particularly financial services, highly preferred
- Experience managing audits, examinations, and compliance initiatives
Technical Knowledge
- Information security governance and policy development
- Risk management frameworks (NIST, COBIT, FFIEC, GLBA)
- Network security technologies
- Access control and identity management
- Disaster recovery and business continuity planning
- Security awareness training and compliance programs
- Windows-based environments and enterprise infrastructure
Leadership Skills
- Strong communication and presentation skills
- Ability to work directly with executive leadership and boards of directors
- Strong project management and organizational abilities
- Ability to balance strategic planning with operational execution
- Excellent analytical and problem-solving skills
To see a full listing of all our open positions, please visit:
redShift Recruiting is the region's premier recruiting agency with over 100 years of combined experience in the recruiting field. We specialize in permanent, temporary, and temp-to-hire positions. Our superior service combined with our highly qualified and carefully selected bank of candidates sets us apart.