CISO
Permanent
200,000 - 375,000 USD
Austin, TX, USA
Key Responsibilities:
Manage the Information Security Program:
Provide strategic leadership for risk management, compliance programs, IT systems, and security initiatives.
Ensure adherence to chosen information security standards, based on the NIST Cybersecurity Framework.
Report compliance and security metrics to senior leaders, both internally and externally.
Enhance the information security awareness training program for all employees and contractors.
Participate in business and technology projects to ensure compliance with Information Security Program standards.
Lead the Organization:
Direct the information security function to ensure high-quality security management aligned with business goals.
Establish the information security approach and operating model, aligning with risk management and compliance requirements.
Manage the information security budget, monitoring and addressing discrepancies.
Coordinate a robust information security organization, including hiring, training, staff development, and performance management.
Determine Strategy:
Develop an information security vision and strategy aligned with organizational priorities and business objectives.
Implement and monitor a comprehensive information security program to ensure confidentiality, integrity, availability, safety, privacy, and recovery of information assets.
Assist in new product development, adjusting the strategy to address new threats.
Identify key threats to information assets and champion projects to enhance security.
Operate the Function:
Ensure compliance with applicable laws and global regulatory requirements for data privacy and information security.
Collaborate with the data privacy officer to integrate data privacy requirements.
Oversee technology dependencies outside of direct control, reviewing contracts and managing risk.
Manage information security incidents to protect corporate assets, intellectual property, regulated data, and company reputation.
Monitor the external threat environment and advise stakeholders on appropriate actions.
Develop and oversee disaster recovery policies and standards to support business continuity.
Coordinate incident response plans to ensure recovery of business-critical services.
Oversee external vendors providing security functions.
Maintain and improve compliance with SOC 2 and ISO 9001 certifications.
Qualifications:
10-15 years of experience in risk management, information security, and IT, with at least five years in a senior leadership role.
5-10 years of information security leadership experience with a SaaS provider.
Excellent written and verbal communication skills, with the ability to communicate security concepts to both technical and nontechnical audiences.
Proven track record in developing and executing successful information security programs.
Ability to remain composed and effective in high-pressure situations.
Strong problem-solving and critical-thinking skills.
In-depth knowledge of relevant legal and regulatory requirements, such as GDPR.
Degree in business administration or a technology-related field, or equivalent experience.
Professional security management certifications (e.g., CISSP, CISM, CISA).
Familiarity with information security management frameworks (e.g., ISO/IEC 27001, ITIL, COBIT, NIST 800-53, and Cybersecurity Framework).
Experience with contract and vendor negotiations.
Strong stakeholder management skills.
High level of integrity and ability to handle confidential matters professionally.
Initiative, dependability, and resilience to change, with the ability to work independently.
Bonus Points:
Additional relevant qualifications or certifications.
Travel:
Up to 15%
If you are a seasoned information security professional looking to lead and shape the security landscape of a dynamic organization, we encourage you to apply for this exciting opportunity in Austin, TX.
Matt is the consultant managing this role.
Matt brings nearly two decades of industry experience. He is also the resident expert in Technology.