WHO: Global business grounded in a diversified portfolio of businesses related to technology and communications.
WHAT: Business Information Security Officer - Enterprise Solutions
WHEN: Immediate Consideration
WHERE: Atlanta, GA
The Business Information Security Officer for Enterprise Solutions is responsible for leading all Enterprise and Shared Service information security and risk management initiatives to align within business units. This position will be the security subject matter expert working with technology, business, and legal teams to develop secure solutions and will hold overall responsibility for coordinating security projects for all Enterprise and Shared Service products and solutions.
These projects may include: coordination of network and application security vulnerability remediation efforts, providing security guidance for new business projects, oversight of critical security access reviews, developing disaster recovery documentation and coordinating DR test activities, acting as the liaison for security audits and coordinating the remediation of all security audit findings.
The BISO will advise for Enterprise Solutions to ensure compliance with all legal, regulatory, and contractual security obligations, assist with the development and implementation of security process improvements, and will champion security and risk mitigation for Enterprise and Shared Solutions. The BISO may also be involved in certain aspects of security operational tasks, such as approving security requests or helping with the business context in incident response exercises.
- Ensure adoption and compliance with Corporate Security Standards while enabling business success. Define, plan, and execute the strategy for Enterprise and Shared Services security
- Coordinate vulnerability remediation efforts for software and system vulnerabilities. Report on progress and risks. Makes recommendations for strategic improvements.
- Assist with applications that are moving to the cloud, review controls for new or moving applications, and provides guidance for secure transitions to the cloud.
- Assist with subpoena requests and handling depositions working with internal/external Legal Counsel.
- Address findings from quarterly access and firewall reviews.
- Oversee the maintenance of disaster recovery plans and procedures for the Enterprise and Shared Services systems and software. Assist with disaster recovery testing efforts when needed.
- Meets and partners with broad stakeholder groups (e.g. Engineering, Product, Architecture, Operations, Legal) to provide leadership updates and reporting on security issues.
- Periodically helps perform risk assessments of the Enterprise and Shared Service applications, systems, and business processes to verify compliance with Security Standards and prioritize the remediation of gaps based on risk to the organization. Coordinates the remediation of all gaps identified.
- Oversees security audits and requests. Oversee and assist with prioritization of the remediation efforts, if any, as a result of these audits.
- Assists with subpoena requests and handling of depositions, working with internal/external Legal Counsel.
- 5+ years experience in IT Security, Risk, Compliance or equivalent
- Experience with large revenue company, $2B+ preferred
- Experience with high-volume transaction shared services
- Strong Vulnerability Management background
- Understanding of web applications, cloud technologies, system infrastructure, and enterprise architecture
- Experience conducting or responding to audits
- BA/BS Degree in Computer Science, IS, or equivalent
- CISA, CISSP, CISM, or other security certification(s).
- Experience managing local and remote team members
- Travel 25%
Compensation: Base salary $175k +/-, bonus, relocation assistance, full benefits
Location: Atlanta, GA
Please send your resume in Word to Jane@northpointsg.com.
Senior National Recruiter
NorthPoint Search Group
Click here to apply online