Chief Information Security Officer Job at Jacksonville Transporta...
Jacksonville Transportation Authority - Jacksonville, FL, US
Overview
Brief Description of Work:
Under the general direction of the Chief Information Officer, the Chief Information Security Officer is responsible for developing and implementing comprehensive information security strategies to protect JTA from cyber threats, ensuring data integrity, and maintaining the confidentiality and availability of information systems. This role includes overseeing IT risk assessments and implementing robust security measures across the organization. This role requires a hands-on leader who can perform technical tasks such as monitoring alerts, analyzing log records, identifying indicators of compromise and other similar technical tasks, while also developing a governance framework, roadmaps, and strategies and managing a small team of cybersecurity engineers.
Essential Function(s):
Develop and implement a comprehensive information security strategy and framework that aligns with JTA’s objectives and risk profile.
Conduct thorough IT risk assessments, identify potential security vulnerabilities, and devise strategies to mitigate risks.
Develop, maintain, and enforce cybersecurity policies and procedures that comply with legal and regulatory standards.
Lead the development and implementation of an incident response plan, Business Continuity and Disaster Recovery Plans to quickly and effectively manage cybersecurity incidents.
Manage and mentor a team of 2 information security professionals, fostering a culture of continuous improvement and proactive risk management.
Manage the operating and capital budget for the cybersecurity team.
Own and drive the response to reports of phishing, social engineering and various other attempts by threat actors to breach security. Response would include developing and conducting awareness and education campaigns as well as systemic responses.
Actively liaise with various Information Sharing and Analysis Organizations, collate all JTA-relevant threat information, and deploy measures to counter the threats.
Collaborate with other IT departments, including Infrastructure and Applications, and ensure that all identified vulnerabilities are resolved in a timely manner by the respective departments.
Conduct periodic access privilege audits, and respond to all audit requests, including internal and external audits.
Conduct periodic evaluations of the cybersecurity controls, measure adherence to the selected governance framework (NIST CSF 2.0), and actively remediate deviations from the framework.
Collaborate with executive management and key stakeholders to raise awareness of cybersecurity risks and strategies.
Oversee the selection and implementation of security technologies and ensure the continuous monitoring of IT systems for potential threats.
Develop and implement security training and awareness programs for all employees.
Ensure compliance with relevant cybersecurity laws, regulations, and standards.
Ensure compliance with state, federal, and local data retention laws, including retention of email and text messages.
Regularly report to executive management on the status of information security, potential risks, and ongoing initiatives.
Collaborate with other departments to ensure security awareness and training.
Stay current with the latest cybersecurity trends, threats, and technology solutions.
Minimum Qualifications:
Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field.
Minimum of 10 years of experience in information security, with at least 5 years in a leadership role.
Preferred Qualifications:
Professional certifications such as CCISO, CISSP, CISM, CISA are highly desirable.
Knowledge, Skills and Abilities:
Proven track record of developing and implementing effective cybersecurity strategies and risk management programs.
Strong knowledge of current cybersecurity trends, threats, and protection technologies.
Excellent leadership, communication, and interpersonal skills.
Ability to make strategic decisions and translate complex security concepts to non-technical stakeholders.
Able to speak clearly, communicate effectively, and prepare clearly written reports.
Excellent analytical and problem-solving skills.
Strong organizational skills and attention to detail.
Work independently and collaboratively in a team environment.
Work under pressure, meet deadlines, and handle multiple priorities.
Strong organizational and project management skills, with the ability to handle multiple projects simultaneously.
Excellent written and verbal communication skills.
Work collaboratively in a team environment.
Work Environment/Physical Demands:
The Chief Information Security Officer works mainly in an office environment where the noise level is generally quiet. Physical demands may include:
Sitting and/or standing for prolonged periods.
Performing repetitive motion.