TITLE: Chief Security Officer
LOCATION: Cincinnati, OH – USA
RELOCATION/VISA: Need to have a relevant visa
SALARY: Mid to High $100′s + bonus + stock
COMPANY: On request
KEY REQUIREMENTS:
HS diploma + 8-10 yrs. of management experience at least 5 of which were in a security ¬related area in a leadership capacity. Must have strong working knowledge of pertinent legislation, including, but not limited to, Sarbanes Oxley Section 404, HIPAA, or ISO requirements. Network-based security experience; Business-based attitude ( i.e.) the recognition that no policies can be implemented w/o demonstrable business benefit; Customer service experience. Awareness of and strong experience in: -Vulnerability testing in addition to penetration testing -Developing security practices as a people problem versus a technical problem -Standards-based architecture with an understanding of how to get there, including compliance monitoring and enforceability. -Must be an intelligent, articulate and persuasive leader who can serve as an effective member of the senior management team and who is able to communicate security-related concepts to a broad range of technical and non-technical staff. Should have experience with business continuity planning, auditing, and risk management, as well as contract and vendor negotiation. -Must have a solid understanding of information technology as it relates to information security, including topics such as identity management, firewall architecture, and encryption.
Desired Requirements: BS in CS, IT or Bus; Previous CSO or CISO experience, CISSP, CISA, COSO, Cobit, PCI
JOB DESCRIPTION:
This is the top security executive in the company. You will report directly to the Chief Information Officer (CIO). The CSO will oversee and coordinate security efforts across the company, including information technology, human resources, communications, legal, facilities management and other groups, and will identify security initiatives and standards. Oversee a network of security professionals and vendors who safeguard the company’s intellectual property, assets, computer systems, as well as the physical safety of employees and visitors: Create Security and IT Risk Management frameworks; Identify protection goals, objectives and metrics consistent with the corporate strategic plan; Manage the development and implementation of global security policy, standards, guidelines and procedures to ensure ongoing maintenance of security. Physical protection responsibilities will include asset protection, employee protection, workplace violence prevention, access control systems, and surveillance technologies. Information protection responsibilities will include network security architecture, data classification, network access and monitoring policies, employee education and awareness, and more. Work with other executives to prioritize security initiatives and spending based on appropriate risk management and/or financial methodology. Maintain relationships with local, state and federal law enforcement and other related government agencies. Oversee incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary. Work with outside consultants as appropriate for independent security audits.
Click here to apply for this position.
