Gemological Institute of America

Chief Information Security Officer

Gemological Institute of America, Greendale, Wisconsin, United States, 53129


Established in 1931, GIA is an independent nonprofit that protects the gem and jewelry buying public through research, education and laboratory services.

The Company:

GIA is the world’s foremost authority in gemology. GIA is a global organization with headquarters located in Carlsbad, CA. GIA in Carlsbad boasts a 17-acre ocean view campus that accommodates approximately 800 of its 3,000 total employees worldwide. It offers many competitive health benefits that promote the well-being of its employees as well as that of the environment.

What to expect:

Hybrid role (3 days on-site) at our Carlsbad, CA headquarters
We offer competitive medical, dental & vision
Matching 401-K plans up to 8%, no vesting required
Paid vacation, sick and holidays, tuition assistance, commuter benefits

JOB OVERVIEW

The Chief Information Security Officer (CISO) is primarily responsible for establishing, implementing, monitoring, and enforcing the Institute's information security governance, standards, and policies. The incumbent will develop strategic direction and oversee the day-to-day execution of operational information security initiatives at GIA. The CISO will report to the Chief Information & Technology Officer (CITO) and collaborate closely with the other Executives and Managers within the organization to ensure the integration and efficacy of security initiatives.

KEY ACCOUNTABILITIES AND RESPONSIBILITIES

1. Establish Vision, Strategy, and Governance

Develop an information security vision and strategy aligned with organizational priorities to enable and facilitate the organization's business objectives.
Facilitate an information security governance structure by implementing a governance program in alignment with the Enterprise Risk Management Committee.
Provide regular reporting on the current status of the information security program to the Enterprise Risk Committee and the Audit and Risk Committee of the Board of Governors.
Establish, implement, and monitor policies, standards, systems, and controls to ensure appropriate confidentiality, integrity, availability, safety, privacy, and recovery of information assets.

2. Lead the Organization

Lead the information security function across the Institute to ensure consistent and high-quality information security management in support of the business goals.
Lead the information security team, ensuring effective collaboration with stakeholders and an environment of inclusion, growth, and accountability.

3. Build and Embed Capabilities in the Organization

Create and manage a targeted information security awareness training program for all employees, contractors, and approved system users.
Provide clear risk-mitigating directives for projects with components in IT.

4. Operate the Information Security function

Manage the cost-effective information security organization, including hiring, training, staff development, and performance management.
Manage the budget for the information security function, monitoring and reporting discrepancies.

Requirements and Qualifications

Bachelor's degree in Engineering, Computer Sciences, Information Technology, or related field; or, 10-12+ years of related experience in progressively challenging Information Security leadership roles.
Proven track record and experience in developing information security policies and procedures.
Professional security management certifications, such as CISSP, CISM, or CISA, are desirable.

Salary range: $250-$300k

Disclaimer: This job description indicates, in general terms, the type and level of work performed as well as the typical responsibilities of employees in this classification, and it may be changed by management at any time.
