Anywhere
Posted 4 years ago

Website Technical Options

Head of Information Security to set the vision sec

Head of Information Security to set the vision security platform while improving security posture and mentoring our growing and talented team of security specialists. This opportunity includes the responsibility for securing cryptographic materials used in the movement and storage of digital assets, scalable infrastructure that can function in the highly regulated financial services.

The ideal candidate can think both long term and short tem. The candidate must be able lead a team and also has proven technical hands-on experience building out areas such as network/cloud security, IAM, data security, and/or application security.

In this role you will have broad exposure both within and outside the organization by interfacing and representing the organization with regulators, vendors, key stakeholders, and external partners.

In addition to setting the longer term vision and acting as an advisor to CTO and CEO, on a day to day basis you will be responsible for security incident response, threat intelligence, mentoring your team and participating in ongoing audit or compliance activities.

This position requires a track record of competency in the field of information security and/or risk management with at least seven years of relevant experience, including five years in a significant leadership role.

Requirements

Advise and guide CEO, CTO, CRO on key information security matters

Represent during regulatory, compliance, investor or external audits/engagements

Protect and defend both physical and online cryptographic material and information assets

Mentor and lead a talented team of engineers comprised of experts in the areas of hardware/networks, application security, corporate security and digital assets

Monitor day to day operations related to systems, execution of projects, threat intelligence, and incident response

Maintain and expand security governance structure and provide regular reporting on the current status of the information security program to the CEO, enterprise risk and audit, senior business leaders and the board of directors

Understand and interact with key stakeholders to ensure the consistent application of policies and standards across all technology projects, systems and services including privacy, risk, audit and compliance and business continuity management

Manage the security organization including hiring, training, staff development, and performance management

Develop an information security vision and strategy that is aligned to organizational priorities to enable stakeholder buy-in and support

Build and nurture external networks consisting of industry and peers, partners, vendors and other relevant parties to address common trends, findings, incidents, and cybersecurity risks

Partner with the enterprise architecture team to develop security architecture standards and to ensure alignment between security and the enterprise architecture framework as a whole

Liaise with external agencies including government, law enforcement and other advisory and/or regulatory bodies to maintain a strong security posture and stay abreast of the relevant threats

Partner with the enterprise architecture team to develop security architecture standards and to ensure alignment between security and the enterprise architecture framework as a whole

Coordinate security program execution including project plan, milestones, deliverables and information requests across technology and business teams.

Ensure appropriate staffing and resourcing needs are met

QUALIFICATIONS:

Prior hands on experience in a security engineering role (Networks, Application Security, etc)

Up-to-date knowledge of information security risk management and cybersecurity technologies, methodologies, and trends in both business and IT

BA/BS degree with a minimum of seven years of experience in a combination of risk management, information security and IT jobs

Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and non-technical audiences at various levels, ranging from board members to technical experts

Up-to-date knowledge of information security risk management and cybersecurity technologies, methodologies, and trends in both business and IT

Proven track record and experience in successfully executing programs that meet the objectives of excellence in a dynamic business environment

Strong analytical and problem-solving skills with a proven ability to make decisions and lead through high- pressure, high-stress situations

Knowledge and understanding of the relevant legal and regulatory requirements for the Financial Industry

REQUIRED CERTIFICATIONS:

Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or other similar credentials

Strong track record of sound judgement and professionally handling confidential matters

Knowledge of common information security management frameworks such as ISO/IEC 27001, ITIL, COBIT, NIST(including 800-53 and Cybersecurity Framework)