We invite you to join the Greycroft Talent Network

196
companies
942
Jobs

Chief Information & Security Officer

Extreme Reach

Extreme Reach

New York, NY, USA
Posted on Jul 29, 2023

As the Chief Information & Security Officer (CISO), you will be responsible for overseeing the strategic planning, development, and implementation of our company's information technology systems and infrastructure. Reporting directly to the CEO, you will play a pivotal role in aligning technology with our business objectives, driving innovation, and ensuring operational excellence. The hired candidate will also oversee our security programs, ensuring our program is aligned with industry best practices and regulatory requirements. Your expertise and leadership will be critical in advancing our competitive position in the industry.

Responsibilities

Information Security Operations & Strategy:

  • Develop and implement a comprehensive information security strategy that aligns with the company's overall objectives and risk appetite.
  • Continuously evaluate the evolving threat landscape and emerging technologies to ensure proactive security measures and appropriate risk mitigation strategies are in place.
  • Lead implementation and maintenance of security technologies, tools, and processes to protect the organizations/ networks, systems, and data
  • Primary escalation point for security events, effectively communicate and respond to security incidents

IT Infrastructure and Operations:

  • Oversee the design, implementation, and maintenance of a scalable and reliable IT infrastructure, including networks, servers, databases, and software applications.

Governance and Compliance:

  • Establish policy and ensure compliance with relevant laws, regulations, and industry frameworks (e.g., GDPR, CCPA, ISO 27001, NIST, etc.).
  • Establish a governance framework to monitor and measure the effectiveness of security controls, and report on security posture to executive management and relevant stakeholders.

Risk Management:

  • Conduct regular risk assessments, vulnerability assessments, and penetration tests to identify potential security weaknesses and prioritize remediation efforts.
  • Develop incident response plans, coordinate security incident investigations, and oversee the implementation of corrective actions to minimize the impact of security incidents.

Security Awareness and Training:

  • Foster a culture of security awareness throughout the organization by developing and delivering training programs to enhance employees' understanding of information security risks and their role in safeguarding company assets.

Leadership and Collaboration:

  • Build and lead a high-performing information security team, providing mentorship, guidance, and professional development opportunities.
  • Collaborate with cross-functional teams, including IT, legal, compliance, and HR, to embed security requirements into business processes and initiatives.

Digital Transformation:

  • Drive the company's digital transformation initiatives by identifying opportunities to leverage technology to streamline processes, improve customer experience, and drive revenue growth.
  • Champion the adoption of cutting-edge technologies, such as cloud computing, artificial intelligence, and data analytics, to enhance product offerings and gain a competitive advantage.

Vendor Management:

  • Analyze the costs, value and risks of information technology to advise management on suggested actions
  • Partner with Procurement to manage vendor relationships, negotiate contracts, and monitor service level agreements (SLAs) to ensure quality and value delivery.

*Pursuant to New York City's Pay Transparency Law the pay range for this position is $203,000 - $259,000; base pay offered may vary depending on job-related knowledge, skills, and experience.

  • Bachelor's degree in Computer Science, Information Security, or a related field. Master's degree preferred.
  • Minimum 10 years experience in progressively responsible IT leadership roles, preferably in the SaaS or software industry.
  • Strong business acumen with a track record of aligning technology initiatives with organizational objectives to drive growth and operational efficiency.
  • Deep understanding of emerging technologies and trends, such as cloud computing, data analytics, artificial intelligence, and cybersecurity.
  • Demonstrated experience in leading digital transformation initiatives and driving innovation within an organization
  • Strong knowledge of information security principles, frameworks, and best practices (e.g., ISO 27001, NIST Cybersecurity Framework, OWASP).
  • Deep understanding of SaaS, cloud computing, and related security challenges.
  • Familiarity with relevant data protection and privacy regulations (e.g., GDPR, CCPA).
  • Industry certifications such as CISSP, CISM, or CISA are highly desirable.
  • Proven track record of successfully managing information security programs in a fast-paced, technology-driven environment.
  • Exceptional analytical and problem-solving skills, with the ability to balance security requirements with business needs.
  • Excellent communication and leadership skills, with the ability to effectively collaborate and build relationships with stakeholders at all levels.

Reporting Relationship

  • The Chief Information & Security Officer will report to the CEO and will collaborate closely with the CTO

Location

  • Hybrid in our New York, NY, or Dedham, MA office
  • Ability to travel to NY or other key locations as needed
  • ER has 23 offices worldwide and teams spread throughout the US, EMEA and APAC, our multicultural teams work cross-departmentally and across continents and cultures towards a shared goal
  • It is our belief that the better we work together to help our clients achieve their goals, the more successful Extreme Reach will be
  • Our leadership is provided a great deal of autonomy and freedom in their individual roles, they are encouraged to be self starters and to continuously develop their skills
  • Feedback from internal Employee Engagement Surveys cites the People, Teamwork and Flexibility as the most rewarding aspects of working at ER
  • We are a supportive and collaborative culture that values multiple perspectives, fresh thinking and is dedicated to DEI
  • ER celebrates diversity of ideas, people and experiences
  • Unlimited PTO, flexible work schedules and all positions allowing for hybrid working arrangements create a rewarding work-life balance