Chief Information Security Officer
Morris Plains, NJ, USA | Leading Financial Services Company
Functions:IT / Information Technology
Job Description:59 people have viewed this job
Weichert Co is hiring a Chief Information Security Officer at the corporate headquarters in Morris Plains, NJ. The Chief Information Security Officer (CISO) is the head of IT security, driving the IT security strategy and implementation forward while protecting the business from security threats and cyber-hacking. The Chief Information Security Officer will be responsible for providing strategic thought leadership and measurable, defined outcomes in the oversight and delivery of a robust enterprise information security program. Key focus areas will be in the establishment and direction of developing, implementing, sustaining, and enhancing enterprise information security and risk management programs. Job responsibilities include, but are not limited to, the following:
Supplies technical oversight of security services to ensure they are adequately providing the proper levels of protection. Recommends IT security strategies and solutions that will support enterprise needs and create consistency across companies.
Identifies information security risks within the enterprise and recommend technologies, and services for mitigation.
Oversees and coordinates regular activities of the security providers to ensure coordination and proper configuration is in place to meet or exceed policy.
Ensures delivery of security services and technologies that meet current demands for rapid and dynamic deployment of applications.
Establishes annual and long-range security and compliance goals, define security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements.
Develops, implements and administers technical security standards, as well as a suite of security services and tools to address and mitigate security risk.
Provides leadership, direction and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies.
Coaches and supports an effective IT Security Team. This team will be responsible for contributing to and executing the IT security strategies for the Company.
Tracks latest IT security innovations and keeps abreast of the latest cyber security technologies.
Oversees the investigation and reporting of identified security breaches.
Works with Weichert leadership and relevant responsible compliance department leadership to build cohesive security and compliance programs to effectively address federal and state statutory and regulatory requirements.
Performs other duties as assigned.
The ideal candidate will meet the following requirements:
Bachelor's Degree in Information Technology or related field strongly preferred
Masters Degree preferred
Professional security management certification, such as a Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) is required.
Ten (10) or more years of proven IT security experience, or IT operations
Minimum of eight (8) years of experience in information security architecture
Significant experience with the daily operations of information security controls such as Identity Access and Management, intrusion detection, malware defenses, network access controls, and data loss prevention.
Expert knowledge of modern network security technologies such as network and host-based intrusion detection/prevention, vulnerability assessment (including app/web-layer interrogation), DDOS protection, sandbox technology, host-based integrity checking, endpoint protection, AV/AM, application security solutions, virtualization, Data Loss Prevention, etc.
Experience with leading, developing, and establishing best practices in a Cyber Security Operations Center, including understanding of how to design SOC procedures, programs, and services across a decentralized environment.
Ability to communicate with both technical and non-technical groups on a regular basis to maintain transparency on work efforts and to ensure design and implementation is understood by all team participants.