Chief Information Security Officer

By joining our team, you will become the leading voice in securing both our Corporate and Product capabilities. In close collaboration with partners throughout the organization, you will help lead our security team to deliver mission critical security solutions.

We are looking for a rising Chief Information Security Officer (CISO) who has experience across the many security disciplines and is looking to break through to the next level. You are a strong leader and manager, but you can still step in and contribute to delivery as necessary. As an organization where security is often at the heart of decision making, you will know how to balance fortifying our security positions and partnering with business stakeholders.

What You’ll Be Working On

• Define and own a cybersecurity roadmap, budget and key performance indicators focused on reducing cyber risk
• Create quarterly, annual and long-term cyber security and cyber risk management goals, articulate strategies, define metrics, and provide necessary updates to executive leadership.
• Ensure alignment between business strategy and Information Security Management Program direction.
• Identify and implement security controls to protect systems, operations, and information using standard frameworks like ISO27001.
• Mentor and lead a Security Team to progress skills and competencies.
• Risk management and risk analysis for key partners and vendors.
• Effective protections for a remote workforce, all company and cloud delivered technology environments, assets, systems and data.
• Lead Security Incident Response and the ongoing and effective handling and remediation of security incidents.
• Keep well informed of developing security threats, and proactively create strategies to understand and mitigate potential security problems that might arise from acquisitions or other big business moves
• Facilitate and/or conduct regular company-wide security awareness, education, and training.
• Vulnerability management and remediation or mitigation of vulnerabilities in IT and OST systems.
• Own security related policies, documentation and procedures.
• You are a strong and experienced people leader. You know how to build and empower hard-working teams and individuals and help them grow to their potential.
• Your ethics and ability to manage sensitive material are unquestionable
• Point of contact for communicating OneStudyTeam security posture with external parties, including customers, regulators, and auditors.

What You Bring to OneStudyTeam

• Bachelor’s Degree in a related field or at least 10 years relevant professional experience.
• At least 5 years in a leadership role (director or higher.)
• Demonstrable expertise in related Security Frameworks such as NIST, ISO 2700X, CIS.
• Advanced professional security certifications such as: CISSP, CISM, CISA, or CCSP
• A leader who is comfortable rolling up their sleeves and contributing to the success of their teams.
• Highly motivated, detail oriented, and a passion for all things cyber-security.
• Excellent Written and verbal communications with the ability and ease to breakdown complex and nuanced topics with simple and concise delivery.
• Action oriented with the ability to prioritize, schedule and track to deadlines.
• Ability to thrive and take command in high-pressure situations and high-stakes scenarios, being decisive and composed.
• Leadership and management discipline, high emotional intelligence, and commitment to high levels of team engagement.
• Passion for growing, mentoring, and developing a diverse team with varying backgrounds and skill sets.
• Have successfully led teams performing incident response.
• Complete and thorough understanding of delivering and executing enterprise security operations at scale.
• Demonstrable deep-level knowledge of best-practice security architecture, supporting defense-in-depth and protecting legacy and modern technology.
• Application of best practice in identity protection and privileged access management.
• Ability to quantify business risk and drive maturity in vulnerability management through direct and indirect mitigations
• Prior experience leading or delivering gap analysis, and security risk assessments.
• Prior experience building security program for SaaS software development lifecycle for a product deployed in a cloud environment, such as AWS or Azure.

Apply Here