Vacancy expired!
- Competitive base salary: $100,000 - $120,000
- Full benefits: Medical, Dental, Vision
- 401 (K) with generous company match
- Generous Paid time off (PTO)
- Vacation, sick, and paid holidays
- Life Insurance coverage
- Hire, train, and supervise a small, efficient, and effective information security team
- Work closely with senior technology stakeholders to ensure appropriate security guidance to support product and service delivery
- Develop, implement, and monitor a strategic and comprehensive information security and IT risk management program
- Ensure the integrity, confidentiality, and availability of information owned, controlled, or processed by Facilisgroup
- Develop, maintain, and publish information security policies, standards, and guidelines. Oversee the approval, training, and dissemination of security policies and practices
- Create, communicate, and implement a risk-based process for vendor risk management, including assessing and treating risks that may result from partners, consultants, and other service providers
- Develop and manage an information security budget.
- Create and manage information security, cyber security, and risk management awareness training for all employees and contractors.
- Work directly with various business units to facilitate IT risk assessment and risk management processes and work with stakeholders throughout the enterprise on identifying acceptable levels of risk.
- Provide regular reporting on the current status of the information security program to senior business leaders and the board of directors (as required).
- Create and manage a framework for roles and responsibilities with regard to information ownership, classification, accountability, and protection.
- Provide strategic risk guidance for SaaS product development, including the evaluation and recommendation of technical controls.
- Ensure that all security programs comply with relevant laws, regulations, and policies to minimize or eliminate risk and audit findings.
- Monitor the external threat environment for emerging threats, and advise relevant stakeholders on appropriate courses of action.
- 5+ years of IT experience
- CISSP Certification
- Information security experience
- Management experience