Chief Information Security Officer
Ref No.: 18-37810
Location: Dallas, Texas
Skill Type: Information Technology
Chief Information Security Officer
Description: We are seeking a strong, knowledgeable leader to provide vision, strategy, broad-based planning, and hands-on responsibility as the Chief Information Security Officer (CISO). The CISO directly reports to the Chief Information Officer (CIO) e City CISO in city-wide cybersecurity efforts and participated in the Citywide Cybersecurity Forum. The CISO leads the development and implementation of a departmental security program that leverages collaboration, facilitates information security governance, advises senior leadership on security direction and resource investments to capitalize on Citywide cybersecurity investments, and designs appropriate policies to manage information security risk in alignment with the Citywide Cybersecurity requirements. The complexity of this position requires a leadership approach that is engaging, imaginative, and collaborative, with a sophisticated ability to work with other leaders to set the best balance between security strategies and other priorities at the organization level.
Important and Essential Duties:
  • Use a risk-based approach to provide leadership, direction and prioritization in assessing and evaluating information security risks across the organization with a high level of integrity and discretion, advising and consulting with executives on identified risks and ensuring the execution of agreed upon mitigation/remediation steps.
  • Oversee the ongoing strategic development of the information security project portfolio, departmental incident response and security policy frameworks in alignment with Citywide Cybersecurity policies, security compliance activities, departmental threat and vulnerability management, departmental information security training and awareness program, including specialized triaging in areas of high criticality in close partnership with IT Security Operations and Citywide Cybersecurity Team.
  • Direct and allocate resources that achieve a robust security strategy by identifying and advocating for investments, capitalizing on Citywide cybersecurity investments, aggressively managing capital and operating budgets, and providing thorough Return on Investment (ROI) analysis and IT budget recommendations.
  • Create alignment and support for the security program goals, initiatives and strategies, effectively balancing the needs of internal and external stakeholders and informing leadership at all levels on efforts and trends impacting the overall effectiveness of the information security programs.
  • Promote understanding of regulatory requirements across the organization, leading and/or collaborating with cross functional teams and senior business leaders to ensure execution of required testing and auditing activities by internal and external parties leading to the successful certification and/or compliance of the organization on an on-going basis.
  • Develop departmental cybersecurity requirements in alignment with the Citywide cybersecurity requirements and with regulatory requirements to ensure enterprise and product compliance with industry standards including HIPAA, HITRUST, ISO 27001, NIST, PCI-DSS and other security standards.
  • Partner with the Citywide Cybersecurity team to monitor external and emerging threats and take the appropriate course of action and communication.
  • Oversee business continuity and disaster recovery policy management to support departmental compliance with Citywide Disaster Recovery policy, training, testing and coordination with agencies and staff for disaster planning and preparation.
  • Develop and coordinate plans for incident response within the City cybersecurity incident response framework to ensure that business critical services can be maintained.
  • Participate and support data assets on premises, in coordination with third parties and in the cloud.
  • Ensure project management includes processes to manage security risks.
  • Manage contract and vendor negotiations ensuring ongoing contract security standards and close coordination with legal and risk management.
  • Develop, implement and maintain departmental policies (on a routine cadence) to support Citywide Cybersecurity policies and departmental procedures in order to ensure effective security program operations.
  • security-related matters with the Citywide CISO and in the Citywide Cybersecurity Forum City partners, internal and external customers, and industry groups; be visible and enhance the organization's external standing in the information security space.
  • Provide regular reporting on the current status of the information security program to risk teams and senior leaders as part to support ongoing security strategy and management.
  • Stay current with industry trends and the latest information security practices and standards to ensure solutions incorporate effective use of technology.
Compensation and Benefits:

In addition to a competitive salary, we offer flexible benefit plans with pre-tax elections which include: medical and dental insurance; retirement plan; deferred compensation plan; Social Security; long-term disability plan; life insurance; management training program; paid holidays annually.

Education:
Bachelor's in business, computer engineering, computer science or any related field.
Experience:
A minimum of eight (8) years in information technology security, including:
  • Five (5) years of IT security experience.
  • Three (3) years of experience supervising IT security professionals.

Desirable: The following desirable qualifications may be used to identify job finalists at the end of the selection process when candidates are referred for hiring.
  • Project management experience.
  • Financial and budget management experience.
  • Professional security management certification is desirable (CISSP, CISM, CISA).
  • Experience with vendor management.

Experience:
  • IT security: 5 years (Required)
  • Supervising IT security professionals: 3 years (Required)
  • IT Project Management: 5 years (Preferred)
Education:
  • Bachelor's (Required)
License:
  • CISSP (Preferred)
  • CISM (Preferred)
  • AXELOS ITIL (Preferred)
  • CISA (Preferred)
Work authorization:
  • United States (Required)
Nesco Resource is an equal employment opportunity employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or veteran status, or any other legally protected characteristics with respect to employment opportunities.