Please note I have direct access to the Hiring CISO on this position.
Compensation: Salary + Bonus + Options
A leading national publicly traded financial institution is looking for an Assistant CISO. The company has experienced significant growth over the past 5 years, including an increase in profit from $60 million to $180 million, an increase in net assets from $5 billion to $15 billion, and fivefold growth of the security department.
The Assistant CISO will be responsible for managing a Security Department that implements and administers the industry's Best of Breed security tools and technology. The Assistant CISO will be responsible for:
- Performing an enhanced overall companywide Enterprise Security Risk Assessment and Methodology
- Coordinating with IT Management in identifying, establishing and implementing new and additional security initiatives, standards, policies, procedures, controls and best practices throughout the organization
- Specific technical areas to be addressed include:
  - Securing the Azure Cloud Environment (currently running as SaaS and PaaS and moving to IaaS)
  - Completing the build-out and implementation of the DevSecOps environment
  - Securing the SDLC
  - Threat Monitoring, Threat Modeling, SIEM (QRadar), Vulnerability Management (Qualys), Incident Response and Remediation, Network Behavior Anomaly Detection (NBAD), etc.
- Establishing and managing Security SLAs and KPIs
The Assistant CISO reports to the CISO.
- Experience at the Security Architect, Manager, Director, VP, ISO and/or CISO level
- Expertise in one or more of the following Security Areas:
  - Enterprise Security Risk Assessments
  - Securing the implementation and management of Azure and/or AWS Cloud environments
  - Managing the design, build-out and administration of a DevSecOps environment
  - Securing the SDLC
  - Threat Monitoring, Modeling and Operations, Vulnerability Management and Incident Response
- Experience with any of the following is only a PLUS; NOT mandatory
- Experience in a highly regulated/compliance environment
- Familiarity with The Three Levels of Defense Model
- Architecture risk analysis
- BS or MS degree in CS or related field and/or CISSP, CEH, OPST, OPSA, CPSSE, ECSP, GSSP, Certified Security Software Engineer
The company offers full benefits (PPO & HMO) including dental and vision, matching 401K, 3 weeks of vacation, 8 paid sick/personal days, Short/Long Term Disability, Life Insurance, Employee Assistance Program, Wellness Programs, casual dress and flexible work hours, all of which start upon employment.