Logo
Yoh

Chief Information Security Officer

Yoh, Houston, Texas, 77246


Chief Information Security Officer Category: Information Technology Employment Type: Direct Hire Reference: 15886-31521601 Yoh has an exciting, direct hire opportunity for a Chief Information Security Officer (CISO) to join our Energy client The ideal candidate will have 15 years of information security-related experience and live within a commutable distance to the office in Houston, TX for an onsite work environment. See below for abbreviated job responsibilities and requirements. If after reviewing, you are interested in learning more about this, or other IT opportunities, please apply with your updated resume ASAP. Title: Chief Information Security Officer (CISO) Salary: $170,000-$210,000/year (Based on Experience Level) Type: Full Time Industry: Energy Location: Houston, Texas Responsibilities: Develop and implement strategies, policies, and standards for application security, infrastructure security, compliance, and security operations. Ensure a robust security governance framework that aligns with business goals and regulatory requirements. Lead the development and management of a comprehensive cybersecurity program, crucial for protecting our company's assets and infrastructure, while facilitating secure digital transformation. Lead the cybersecurity team, setting strategic priorities and ensuring best practices are implemented internationally (US & Mexico). Create and manage an enterprise-wide cybersecurity program to safeguard critical information assets and infrastructure. Oversee security operations, including incident response, threat intelligence, and vulnerability management. Ensure the selection and implementation of appropriate security technologies. Oversee security aspects of digital transformation initiatives, including cloud adoption, OT, and IoT integration. Report to the board of directors on cybersecurity programs and develop metrics to demonstrate the impact and progress of the cybersecurity program. Assess cybersecurity risks across digital infrastructure, networks, and sensitive data. Implement risk mitigation strategies and conduct regular risk assessments and audits. Establish and enforce security policies and procedures in compliance with legal, industry standards, such as: NERC CIP, ISO/IEC 27001. Drive security awareness and training programs for all employees. Oversee business continuity and resiliency plans in collaboration with the CIO and other business leaders. Collaborate with executive leadership, including the CIO, and business unit leaders to integrate cybersecurity into business processes. Work closely with IT, operations, and other departments to ensure a cohesive approach to cybersecurity. Liaise with vendors and external stakeholders to maintain security standards, and serve as the point of contact for law enforcement agencies. Qualifications: Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field, or equivalent experience. 15 years of progressive experience in information security roles, with at least 5 to 7 years in senior management within a large, complex organization, preferably in the energy sector. Direct leadership experience in managing a global security team within a highly regulated industry. Deep understanding of cybersecurity technologies, practices, and methodologies, including intrusion detection systems, firewalls, anti-virus software, data encryption, and emerging technologies, such as: AI, IoT, cloud computing. Experience managing security for critical infrastructure and operational technology (OT) environments. Extensive knowledge of relevant standards and regulations, including: GDPR, NERC CIP, ISO/IEC 27001, NIST frameworks. Proven experience in crisis management and incident response. Strong analytical skills to assess security systems and foresee potential vulnerabilities. Excellent communication skills to explain complex security risks and strategies to stakeholders at all levels, as well as inspire a team of security professionals. Master's degree in Computer Science, Information Systems, Engineering, Business, or related discipline, or equivalent training/experience (preferred). Bilingual in English and Spanish (highly preferred). Relevant certifications such as CISSP, CISM, CCISO, CompTIA Security, GIAC Security Essentials, or CISA (preferred). Note: Any pay ranges displayed are estimations. Actual pay is determined by an applicant's experience, technical expertise, and other qualifications as listed in the job description. All qualified applicants are welcome to apply. Yoh, a Day & Zimmermann company, is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Visit https://www.yoh.com/applicants-with-disabilities to contact us if you are an individual with a disability and require accommodation in the application process. For California applicants, qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. All of the material job duties described in this posting are job duties for which a criminal history may have a direct, adverse, and negative relationship potentially resulting in the withdrawal of a conditional offer of employment.