Chief Information Security Officer

Description :

Work location : Permanent remote from anywhere in the US following EST work hours. EST / CST based candidates preferred.

Note : This is a contracttohire position so please look for candidates who are authorized to work for any employer in the US without requiring visa sponsorship.

The following are some of the expected action items required to be completed by CISO in the first 612 months :

Strategic Plan :

Update the Strategic Plan and Roadmap for client Information Security.

Add new items to the plan based on the results of NIST Cybersecurity Assessment

Data Classification and Data Loss Prevention :

Review clients needs for a Data Classification and Data Loss Prevention tool.

Compare Data Classification and Data Loss Prevention tools.

ThirdParty Security Review :

Perform ThirdParty Security Review of clients critical vendors.

Vulnerability Scanning and Management Program :

Develop Vulnerability Management Procedures with the Security Analyst

Perform the review of the vulnerability scans and assist with the remediation

CTPAT Audit : Support CTPAT Audit

Cybersecurity Assessment

Assist with the Cybersecurity Assessment

Business Impact Analysis :

Incident Response

Assist with incident response and evaluation of incidents and lessons learned

Security Awareness :

Continue to assist in developing an improved security awareness program

Others :

Provide awareness to IT Leadership as necessary regarding potential threat intelligence that could be an issue for the Client

Keep abreast of trending compliance security and privacy concerns that could impact the Clients business

Conduct research on various security topics as needed

Continue to update the HighLevel MultiYear Roadmaps to Improve Overall Security Program Maturity