Remote Business Information Security Officer

Logo of EVOTEK

EVOTEK

πŸ’΅ $150k-$190k
πŸ“Remote - United States

Job highlights

Summary

Join EVOTEK as a Business Information Security Officer (BISO) to drive the security strategy by developing and executing security initiatives that span technology, process, and culture. The BISO will support a group/team to develop a deep understanding of the business to provide guidance on information security topics, policies, and controls.

Requirements

  • Cyber Compliance Assessments & Regulatory Compliance experience specifically NIST 800-171, CMMC and DFARS
  • 10+ years of Cybersecurity experience ideally within the oil industry or Defense Industrial Base Sector, with a background in Security and Compliance
  • Seasoned track record of assessing threat and vulnerability from a business and technical perspective
  • Ability to develop and champion pragmatic security solutions that support growth of the business
  • Experience developing a strategic, comprehensive enterprise information security and IT risk and privacy management program
  • Experience with supporting customer-facing products, not just internal
  • Ability to create a culture of accountability and security
  • Ability to communicate and engage effectively with a diverse audience, including front line technical staff, non-technical staff, management, executives, and vendors/providers
  • Self-starter with the ability to lead tasks with demonstrated ability to work independently

Responsibilities

  • Develop, drive, and implement Client overall information security program (goals, objectives, and policies) while establishing departmental goals and priorities to execute on that vision
  • Establish a defined, consistent security architecture standard and work with Clients to implement technical controls in line with cutting edge best in class security and privacy standards
  • Drive Client domestic and international projects to meet emerging cyber security requirements, data protection and privacy laws
  • Implement approved policies and procedures to ensure information security efforts are properly coordinated and in compliance to make recommendations for changes and improvements to reduce Client overall security risk
  • Monitor and assess the compliance of Client organizations with information security policies and procedures, while ensuring third-party compliance
  • Oversee Client incident response planning, data loss prevention and remediation of breaches, serving as the focal point for response delivery
  • Implement ongoing Client risk assessment programs targeting information security and privacy matters; recommend methods for vulnerability detection and remediation and perform and/or oversee vulnerability testing
  • Coordinate and deliver information security reporting and assessments as required by regulatory agencies, clients, and management
  • Work with peers across the company to review customer feedback/ requirements and ensure that security strategy and roadmaps are aligned with the security needs of Clients
  • Keep current on the latest security and privacy legislation, regulations, alerts, and vulnerabilities pertaining to the organization. Conduct continual research to maintain knowledge of technology, customer needs and overall requirements
  • Participate in key initiatives and projects to ensure that cybersecurity controls are accounted for early within the project and software development lifecycles
  • Ensure risk assessments are conducted on Client high-risk business applications. Provide escalation for high-risk issues arising from those assessments. Ensure remediation plans are tracked to completion

Benefits

  • Salary commensurate with years’ of experience, technical expertise and geographic location
  • Performance bonuses
  • Benefits package that includes 100% paid medical, dental and vision for the employee
  • 401(k) with employer match
  • Strong company culture
  • Flexible PTO policy
  • Flexible working arrangements
  • Annual company overnight retreat (employee + significant other)

Share this job:

Disclaimer: Please check that the job is real before you apply. Applying might take you to another website that we don't own. Please be aware that any actions taken during the application process are solely your responsibility, and we bear no responsibility for any outcomes.
Please let EVOTEK know you found this job on JobsCollider. Thanks! πŸ™