Our client is actively seeking a new Chief Information Security Officer to lead the security operations for their growing Federal Consulting Practice. The Chief Information Security Officer (CISO) is responsible for the overall organizational security strategy, security program oversight and security architecture development for the organization. The scope of this role covers all utilized security technologies and services, including protection services, perimeter defenses, physical and logical access control, and user profile management of all employees, contractors and visitors. As the organization-s senior security officer, this person also has enterprise-level responsibility for all data/information security policies, standards, evaluations, roles, and organizational awareness. The Chief Information Security Officer will work closely with the designated privacy officer within Legal to ensure that technological and physical access controls effectuate the organization-s data privacy policies.Minimum Qualifications:
* Bachelor-s degree in Computer Science or a related field, and 10+ years of progressively responsible experience in the information security field. A combination of education and experience, including through military service will also be considered.
* CISSP, CISM or equivalent certification.
* 5 years of direct experience in decision making in a converged (logical / physical) security management role.
* Demonstrated understanding of NIST 800-53, 800-171, and FedRAMP.
* In-depth technical knowledge in implementing data protection and integrity, operating systems and network security, authentication, and security protocols.
* Experience and advanced understanding of NIST, FISMA, and PCI standards.
* Experience with:
o Maintaining operational computer and network security, firewall administration, virus protection, intrusion detection and prevention, automated security patching, and vulnerability scanning systems
o Administering information security programs including risk assessments and forensic research, designing security architectures, developing policies, gathering metrics, and reporting status.
* Experience with data breach management and managing an actual data breach.
* Proven project management skills.
* Excellent presentation skills, with the demonstrated ability to effectively communicate with all levels of management.