Chief Information Security Officer (CISO)

Reports to: President Location: Maryland (Hybrid remote) Position Summary: The Chief Information Security Officer (CISO) is responsible for establishing and maintaining RKCS's enterprise-wide information security program to ensure that all information assets are adequately protected. The CISO will be responsible for identifying, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements and aligns with and supports the risk posture of the organization. Key Responsibilities: Security Strategy Development & Implementation: Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure the integrity, confidentiality, and availability of information assets. Risk Management: Perform regular security assessments, audits, and relevant risk assessments, communicating results to executive management and board members. Policy Development: Develop and implement information security policies, standards, guidelines, and procedures. Incident Management: Lead the incident response team in effectively mitigating security incidents, including data breaches and cyber-attacks, and collaborate with the legal department for any necessary follow-up. Compliance & Audit: Ensure that the company is in compliance with all relevant legal and regulatory requirements, including data protection laws and cybersecurity standards like ISO 27001, GDPR, and any industry-specific guidelines. Employee Training and Awareness: Develop and manage a security awareness and training program for all employees. Vendor Management: Ensure that security is integrated into the third-party vendor risk management process. Budget Management: Responsible for information security budget and allocations, ensuring cost-effective resource use. Technology Evaluation: Evaluate new cybersecurity threats and IT trends and adapt current processes and technologies to mitigate risks to the organization. Reporting: Regularly update the executive team and the board of directors on the status of information security, risks, and projects. Qualifications: Bachelor’s degree in computer science, Information Technology, or a related field, Master’s preferred. Minimum of 10 years of experience in a combination of risk management, information security, and IT roles. At least 5 years of experience in a senior leadership role. Relevant certifications such as CISSP, CISM, CISA, etc. Strong understanding of firewall and intrusion detection/prevention technologies. Experience with contract and vendor negotiations. Excellent written and verbal communication skills. Key Competencies: Strong leadership skills Excellent communication and organizational skills Analytical thinking and problem-solving capabilities Ability to manage multiple priorities Adaptability and stress tolerance Interested candidates should submit their application, including a cover letter and resume, to careersrkcybersolutions.com . BENEFITS 4 Health Insurance Options GAP Insurance Options Dental Plan Life Insurance Options Long-term Disability Short-term Disability Legal Option HSA Option PTO 401k Plan Pension Plan J-18808-Ljbffr