The Chief Information Security Officer (CISO) will be responsible for determining enterprise information security standards for Netex. The CISO develops and implements information security standards procedures and ensures that all systems are functional and secure. This person will be familiar with a variety of the field’s concepts, practices, and procedures and will rely on extensive experience and judgment to plan and accomplish goals. The position requires frequent interaction and presentations to customers, the executive committee and the Board of Directors.
Our ideal CISO candidate will focus on protecting valuable information and maintaining the confidentiality and integrity of data through advanced knowledge of security management, network security and protocols, data and application of solutions, and knowledge of industry trends and current and emerging risks. A key responsibility will be advising leadership on enterprise security strategy, security architecture, and security design work; works with business stakeholders to define the security and privacy policies.
MS in Computer Science desired
5+ years working on a security team or consulting
Experience with security management frameworks such as ISO 27001
Knowledge of secure development methodologies such as (PCI-DSS, Data security and Privacy Shield)
Experience securing Ebay and Amazon Web Services (EC2, S3, VPC, etc)
Understanding of the security threat landscape
Re-engineering / process improvement experience, leading and coaching security improvement projects.
Ability to interface with senior management
Strong leadership, motivation and change management skills required
Project management skills must be highly developed.
Maintain relationships with local, state and federal law enforcement and other related government agencies.
Oversee incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary.
Work with internal and external consultants as appropriate for independent security audits.