Yoh A Day & Zimmerman Company
Chief information security officer
Yoh A Day & Zimmerman Company, Houston, Texas, United States, 77246
Yoh A Day & Zimmerman Company – Houston, TX
Yoh has an exciting, direct hire opportunity for a
Chief Information Security Officer (CISO)
to join our Energy client! The ideal candidate will have 15+ years of information security-related experience and live within a commutable distance to the office in
Houston, TX
for an onsite work environment. See below for abbreviated job responsibilities and requirements. Title:
Chief Information Security Officer (CISO) Salary:
$170,000-$210,000/year (Based on Experience Level) Type:
Full Time Industry:
Energy Location:
Houston, Texas Responsibilities: Develop and implement strategies, policies, and standards for application security, infrastructure security, compliance, and security operations. Ensure a robust security governance framework that aligns with business goals and regulatory requirements. Lead the development and management of a comprehensive cybersecurity program, crucial for protecting our company’s assets and infrastructure, while facilitating secure digital transformation. Lead the cybersecurity team, setting strategic priorities and ensuring best practices are implemented internationally (US & Mexico). Create and manage an enterprise-wide cybersecurity program to safeguard critical information assets and infrastructure. Oversee security operations, including incident response, threat intelligence, and vulnerability management. Ensure the selection and implementation of appropriate security technologies. Oversee security aspects of digital transformation initiatives, including cloud adoption, OT, and IoT integration. Report to the board of directors on cybersecurity programs and develop metrics to demonstrate the impact and progress of the cybersecurity program. Assess cybersecurity risks across digital infrastructure, networks, and sensitive data. Implement risk mitigation strategies and conduct regular risk assessments and audits. Establish and enforce security policies and procedures in compliance with legal, industry standards, such as: NERC CIP, ISO/IEC 27001. Drive security awareness and training programs for all employees. Oversee business continuity and resiliency plans in collaboration with the CIO and other business leaders. Collaborate with executive leadership, including the CIO, and business unit leaders to integrate cybersecurity into business processes. Work closely with IT, operations, and other departments to ensure a cohesive approach to cybersecurity. Liaise with vendors and external stakeholders to maintain security standards, and serve as the point of contact for law enforcement agencies. Qualifications: Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field, or equivalent experience. 15+ years of progressive experience in information security roles, with at least 5 to 7 years in senior management within a large, complex organization, preferably in the energy sector. Direct leadership experience in managing a global security team within a highly regulated industry. Deep understanding of cybersecurity technologies, practices, and methodologies, including intrusion detection systems, firewalls, anti-virus software, data encryption, and emerging technologies, such as: AI, IoT, cloud computing. Experience managing security for critical infrastructure and operational technology (OT) environments. Extensive knowledge of relevant standards and regulations, including: GDPR, NERC CIP, ISO/IEC 27001, NIST frameworks. Proven experience in crisis management and incident response. Strong analytical skills to assess security systems and foresee potential vulnerabilities. Excellent communication skills to explain complex security risks and strategies to stakeholders at all levels, as well as inspire a team of security professionals. Master’s degree in Computer Science, Information Systems, Engineering, Business, or related discipline, or equivalent training/experience (preferred). Bilingual in English and Spanish (highly preferred). Relevant certifications such as CISSP, CISM, CCISO, CompTIA Security+, GIAC Security Essentials, or CISA (preferred).
#J-18808-Ljbffr
Chief Information Security Officer (CISO)
to join our Energy client! The ideal candidate will have 15+ years of information security-related experience and live within a commutable distance to the office in
Houston, TX
for an onsite work environment. See below for abbreviated job responsibilities and requirements. Title:
Chief Information Security Officer (CISO) Salary:
$170,000-$210,000/year (Based on Experience Level) Type:
Full Time Industry:
Energy Location:
Houston, Texas Responsibilities: Develop and implement strategies, policies, and standards for application security, infrastructure security, compliance, and security operations. Ensure a robust security governance framework that aligns with business goals and regulatory requirements. Lead the development and management of a comprehensive cybersecurity program, crucial for protecting our company’s assets and infrastructure, while facilitating secure digital transformation. Lead the cybersecurity team, setting strategic priorities and ensuring best practices are implemented internationally (US & Mexico). Create and manage an enterprise-wide cybersecurity program to safeguard critical information assets and infrastructure. Oversee security operations, including incident response, threat intelligence, and vulnerability management. Ensure the selection and implementation of appropriate security technologies. Oversee security aspects of digital transformation initiatives, including cloud adoption, OT, and IoT integration. Report to the board of directors on cybersecurity programs and develop metrics to demonstrate the impact and progress of the cybersecurity program. Assess cybersecurity risks across digital infrastructure, networks, and sensitive data. Implement risk mitigation strategies and conduct regular risk assessments and audits. Establish and enforce security policies and procedures in compliance with legal, industry standards, such as: NERC CIP, ISO/IEC 27001. Drive security awareness and training programs for all employees. Oversee business continuity and resiliency plans in collaboration with the CIO and other business leaders. Collaborate with executive leadership, including the CIO, and business unit leaders to integrate cybersecurity into business processes. Work closely with IT, operations, and other departments to ensure a cohesive approach to cybersecurity. Liaise with vendors and external stakeholders to maintain security standards, and serve as the point of contact for law enforcement agencies. Qualifications: Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field, or equivalent experience. 15+ years of progressive experience in information security roles, with at least 5 to 7 years in senior management within a large, complex organization, preferably in the energy sector. Direct leadership experience in managing a global security team within a highly regulated industry. Deep understanding of cybersecurity technologies, practices, and methodologies, including intrusion detection systems, firewalls, anti-virus software, data encryption, and emerging technologies, such as: AI, IoT, cloud computing. Experience managing security for critical infrastructure and operational technology (OT) environments. Extensive knowledge of relevant standards and regulations, including: GDPR, NERC CIP, ISO/IEC 27001, NIST frameworks. Proven experience in crisis management and incident response. Strong analytical skills to assess security systems and foresee potential vulnerabilities. Excellent communication skills to explain complex security risks and strategies to stakeholders at all levels, as well as inspire a team of security professionals. Master’s degree in Computer Science, Information Systems, Engineering, Business, or related discipline, or equivalent training/experience (preferred). Bilingual in English and Spanish (highly preferred). Relevant certifications such as CISSP, CISM, CCISO, CompTIA Security+, GIAC Security Essentials, or CISA (preferred).
#J-18808-Ljbffr