Adaptive Solutions Group is a premier provider of information technology personnel. We provide a variety of technical professionals available for contract, contract to hire, or direct placement positions to companies in and around the St. Louis, Kansas City, Dallas and Denver Area.
We are currently looking for a Chief Information Security Officer to join our team.
Develop, implement and monitor a comprehensive enterprise information security program to ensure that the integrity, confidentiality and availability of information is owned, controlled or processed by the organization.
Manage the enterprise' s information security organization, consisting of direct reports and indirect reports.
This includes hiring, training, staff development, performance management and annual performance reviews.
Develop security organization talent, engaging/managing third parties as needed to ensure the required capabilities are available either internally or externally.
Facilitate information security governance through the implementation of a hierarchical governance program.
Develop, maintain and publish up-to-date information security policies, standards and guidelines.
Oversee the approval, training, and dissemination of security policies and practices.
Align with the Office of the General Counsel to communicate published security policies, standards and guidelines
Align with executive stakeholders to align to key initiatives, implement appropriate security practices.
Develop and manage information security budgets.
Create and manage information security awareness training programs for all employees, contractors and approved system users.
Work directly with the major stakeholders to facilitate security risk assessment processes; align with stakeholders throughout the enterprise on identifying acceptable levels of mitigated or residual risk.
Provide regular reporting on the current status of the security program to Executive Leadership and the Board of Directors.
Create a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection.
Develop and implement an information security management framework that aligns with our organization, our risk profile, and our existing compliance initiatives and efforts.
Provide strategic information security guidance for organizational initiatives, including the evaluation and recommendation of technical security controls.
Align with the IT architecture teams to ensure inclusion of security requirements during the design, implementation, and maintenance of application and systems.
Align with the Office of the General Counsel to ensure that security and privacy programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.
Work with Internal Audit and outside consultants as appropriate on required security audits.
Investigate security breaches providing updates to all stakeholders on source and mitigation actions.
Define and facilitate the information security risk assessment process, including the reporting and oversight of findings and remediation strategies.
Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the organization’ s reputation.
Monitor and understand potential threats, vulnerabilities, and control techniques affecting the organization, and advise relevant stakeholders on the appropriate courses of action.
Partner with external agencies, such as law enforcement, government agencies and other advisory bodies as necessary, to ensure that the organization maintains a strong security posture.
Coordinate the use of external resources involved in the information security program, including, but not limited to, interviewing, negotiating contracts and fees, and managing external resources.
Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, align to emerging threats, and increase the maturity of the information security program.
Experienced, polished, consensus building, and persuasive leader who can serve as an effective member of the IT senior management team and communicate information security-related concepts to a broad range of technical and non-technical staff.
Ten or more years of progressive experience in information risk or information security, including experience with internet technology and security issues.
Five or more years of leadership experience driving transformational change within a complex environment.
Seven or more years of experience working with IT security guidelines and requirements outlined or as driven by HIPAA, PCI-DSS, GLBA etc.
Experience presenting to Board of Trustees
Experience in driving change in security functions within multiple organizations.
Demonstrated experience with advising and influencing senior management
Ability to work and effectively prioritize in a highly dynamic work environment.
BA or BS in Computer Science, Information Management, or related field, or equivalent experience; advanced degree(s) preferred.
Adaptive Solutions Group is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, and veteran or disability status.
Adaptive Solutions Group offers a competitive compensation and benefits package that includes medical, dental, STD/LTD, life insurance coverage, 401k, paid vacation and holidays.