Chief Information Security Officer (Banking) NC
We are looking for someone who can lead our maturing SecOps organization and evolve it into an industry leader, setting an example of how we provide great experiences for both our internal stakeholders and external customers by identifying, managing and reducing risk to businesses’ most sensitive data.
- Aligns security initiatives with enterprise programs and business objectives.
- Oversees the development and implementation of a security risk assessment program, cybersecurity and breach protocol.
- Analyzes, recommends, oversees and/or reviews secure access methods of connectivity for networks, the organization's web site and intranet, remote access, e-mail communications and access methods from outside the organization.
- Banking industry experience is a huge plus.
- The ability to carefully balance staying the course with guiding your managers’ and teams’ plans when new information and priorities arise
- Outstanding communication and cross-functional partnering skills
- 7+ years leading, developing, and recruiting technical teams, preferably in defensive and offensive security capacities
- 9+ years of experience in Information Security, preferably in incident response, penetration testing, red teaming, threat detection, and/or vulnerability management
- Comprehensive experience defining and/or building metrics to measure and improve the effectiveness of security controls
- Ability to balance strategic vision for the future with the technical competence to lead the execution
- Comprehensive knowledge of Infrastructure-as-a-Service security concepts/best practices, especially AWS
- Experience defining and/or building automated security processes, playbooks, controls, etc.
- Experience of threat hunting & deception techniques
- Knowledge of network traffic analysis (Netflow, Full Packet Capture, DPI)
- Experience in leading and responding to information security incidents.
- Knowledge of the tactics, techniques, and procedures (TTPs) of adversaries and how they may impact the organization
- Understanding of how to acquire and analyze digital forensic information
- Comprehensive knowledge of project ownership and excellent time and task management skills
- Familiarity with the role of Security Operations in major certifications such as SOC2, ISO27Kx, PCI, and SOX auditing, including experience interacting with external auditors
- Basic understanding of data protection principles as relevant to current Data Privacy regulations such as GDPR and CCPA
- Desired Certifications: CISSP, CISM, GSEC