VP/CISO

Description

Link Technologies is currently looking for a CISO for a full time position in Las Vegas, NV. The VP/Chief Information Security Officer is accountable for the creation, implementation and oversight of a wide series of strategies and programs designed to limit information security risk across the entire enterprise. He/she is responsible for providing leadership, vision and direction to the information security team and for coordinating information technology risk and security efforts companywide through the identification of protection goals, objectives and metrics consistent with external regulatory and legislative requirements as well as corporate strategy and policy. The CISO manages the development and implementation of global security policy, standards, guidelines and procedures to ensure ongoing maintenance of security. The CISO oversees incident response planning as well as the investigation of security breaches and assists with disciplinary and legal matters associated with those breaches.

POSITION RESPONSIBILITIES:

• Establishes and sets the information security strategic direction for the enterprise.
• Establishes information security department goals and objectives.
• Leads programs and processes to monitor the emergence of new threats and vulnerabilities assessing impacts and driving responses, as appropriate.
• Ensures that clear and timely business advice is provided to executive management on key information security and assurance issues, including potential threats, vulnerabilities and control techniques as well as development, implementation and maintenance of an information security infrastructure.
• Establishes a security and risk management functional capability and architecture across the organization and ensures that established security architecture, standards, policies and procedures are available and enacted consistently across the enterprise.
• Analyzes issues related to information technology policy, assesses current issues, performs legal research and reports findings.
• Develops technology-appropriate policies in conjunction with Legal, Internal Audit, IT, Risk Management, Human Resources, Privacy and Security.
• Develops and administers appropriate sensitive information handling and storage policies as well as awareness and educational programs.
• Reviews technology and information policies for continued applicability and effectiveness and interprets current policy related to specific issues, situations and incidents.
• Responsible for information protection including network security architecture, network access and monitoring policies, employee education and awareness.
• Communicates technology and information security policies to the Corporation through presentations, memos, articles, classes, etc.
• Interacts with related disciplines to ensure consistent application of policies and standards across all technology projects, systems and services.
• Analyzes and tracks reports of inappropriate use of technology and company/personal information, including computer security incidents and guides the investigation and resolution of such incidents.
• Develops and maintains global directory services, including enterprise directories and identification, authentication, authorization mechanisms, associated maintenance processes and online address books.
• Interacts with Risk Management, Internal Audit, Legal, IT, Human Resources, Privacy and Security to ensure mutual cooperation around information security related matters.
• Assesses and reports on computer systems and telecommunications security risks within the IT environment.
• Develops, implements and administers technical information security programs.
• Develops and maintains mechanisms for identifying, authenticating and authorizing users attempting access to IT resources and information.
• Provides security related input to strategic and tactical planning, budget preparation, initiatives and projects planning, internal and external reporting and other management activities, as required.

• Reporting to this position are the Manager/Director Data Security, the Director of Operational Governance, the Manager of Policy, Procedures and Standards Policy and the Chief Enterprise Architect Access and Governance.

Bachelors or Masters degree in Computer Science, Information Systems Management, etc.

At least ten (10) years of leadership experience in computing or related technology areas of which 5 years must be high-level Security strategy and operations.

Must demonstrate excellent verbal and written communication skills.

Extensive experience with data and computer security.

Chief Security Officer experience preferred.

Experience with disaster recover planning and testing, auditing, risk analysis, business resumption planning and contingency planning.

Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA) certifications are highly desirable.

KNOWLEDGE/SKILLS/ABILITIES:

Ability to communicate information security-related concepts to a broad range of technical and non-technical audiences.

Deep understanding of enterprise information security architecture discipline, process, concepts and best practices.

Advanced understanding and ability to apply leadership skills managing administrative roles and responsibilities, IT contracting negotiations and licensing as well as oversight in assuring quality control and system dependability.

Proven ability to lead staff to secure resources, expertise and approvals necessary to implement large-scale IT solutions securely.

Advanced leadership competencies include providing direction and accountability planning and evaluation; change management; financial management; quality management and risk management, Human Resources management and supervision.

Proven ability to facilitate effective meetings, information requirements gathering sessions, architectural deep dive technical sessions.

Ability to document effectively, using non-technical business terms and vocabulary that will be clearly understood by all users and co-workers.

Demonstrated track record in successfully delivering increasing complex projects on time and within budget.