Chief Information Security Officer
Shelton, CT, USA | Pitney Bowes
IT / Information Technology
Job Description:
A self-motivated leader who can architect and steer consolidation and planning applications for the enterprise. You are a loyal individual who will partner with the functional leaders to align business needs with IT solutions to create value.
Information Technology and Business Leadership
• Responsible for the strategic leadership of the company’s information security program.
• Provide guidance and counsel to the VP, IT Infrastructure, the CIO and key members of the company’s leadership team, working closely with senior business, technology leaders, and the employees in defining objectives for information security, while building relationships and goodwill.
• Work with business leadership to oversee the operations of a company-wide information security organization organized toward a common goal in information security.
• Promote collaborative, empowered working environments across locations, removing barriers and realizing possibilities.
• Manage company-wide information security governance processes and chair the Information Security Advisory Committee, driving information security program and project priorities.
• Lead the information security planning processes to establish an inclusive and comprehensive information security program for the entire business in support of business, engineering and information systems.
• Establish security and compliance goals, define security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements.
• Stay abreast of information security issues and regulatory changes affecting all aspects of our business and communicate to the company on a regular basis about those topics. Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position.
• Mentor and implement professional development plans for the Information Security team members.
• Represent the corporation on committees and boards in national and regional consortiums and collaborations.
As a Chief Information Security Officer, you have:
Policy, Compliance and Audit
• Led the development and implementation of effective policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation.
• Led efforts to internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls for the company’s information and technology systems.
• Work with internal audit, external auditors, clients, prospective clients and outside consultants on required security assessments and audits.
• Coordinate and track all information technology and security related audits including scope of audits, departments involved, timelines, auditing agencies and outcomes. Work with auditors as appropriate to keep audit focus in scope, maintain excellent relationships with audit entities and provide a consistent perspective that continually puts the company in its best light. Provide guidance, evaluation and advocacy on audit responses.
• Work with technology, business and compliance leadership to build cohesive security and compliance programs for the corporation effectively addressing state and federal statutory and regulatory requirements.
• Develop a strategy for dealing with the increasing number of audits, compliance checks and external assessment processes for internal/external auditors, PCI, SOX, HIPAA, and FISMA.
Outreach, Education and Training
• Work closely with IT leaders, technical experts and business leaders across the company on a wide variety of security issues that require an in-depth understanding of the technology supporting their operations, as well as the engineering landscape.
• Create education and awareness programs and advise operating units at all levels on security issues, best practices, and vulnerabilities.
• Work with various groups in Information Technology, Business and Engineering to build awareness and a sense of common purpose around security.
• Pursue employee security initiatives to address unique needs in protecting against identity theft, mobile social media security and an online reputation program.
Risk Management and Incident Response
• Keep abreast of security incidents and act as primary control point during significant information security incidents. Convene a Security Incident Response Team (SIRT) as needed, or requested, in addressing and investigating security incidents that arise.
• Convene Ad Hoc Security Committee as appropriate and provide leadership for breach response and notification actions for the Corporation.
• Develop, implement and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk.
• Provide leadership, direction and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies.
• Examine impacts of new technologies on the company’s overall information security. Establish processes to review implementation of new technologies to ensure security compliance.
• Manage all security delivery tools including anti-virus, IDS / IPS, traffic filtering, event monitoring and correlation.
• Manage Identity and Access Management. This includes the provisioning of systems access and segregation of duties across all platforms.
• Manage endpoint security including group policy and anti-virus.
• Monitor internal control systems ensuring appropriate access levels are maintained.
• Provide the opportunity to grow and develop your career
• Offer an inclusive environment that encourages diverse perspectives and ideas
• Deliver challenging and unique opportunities to contribute to the success of a transforming organization
• Offer comprehensive benefits globally (pbprojectliving.com)