
Chief Information Security Officer – Virtual
Posted 5 hours ago

Posted 5 hours ago
This is a fully remote position, open to applicants anywhere in the world.
• In the role of vCISO, you will be pivotal in safeguarding our organization's systems and infrastructure.
• Your responsibilities will include supporting governance initiatives, managing and assessing risks, ensuring compliance with applicable regulations and standards, and offering technical expertise to enhance system security engineering.
• You will also assist with tasks related to SOC 2 Type II, HIPAA, and PCI compliance audits while strategically overseeing the security of systems and infrastructure.
• Contribute to the creation, execution, and upkeep of effective cyber security policies, procedures, and standards.
• Aid governance initiatives by developing and maintaining security frameworks, controls, and documentation.
• Carry out risk assessments and collaborate with stakeholders to identify, analyze, and mitigate potential security threats.
• Ensure adherence to relevant regulatory requirements, industry standards, and best practices.
• Work alongside cross-functional teams to embed security controls and requirements into system design and development processes.
• Conduct reviews of security architecture and provide technical advice to guarantee the implementation of strong security measures.
• Execute security assessments and penetration tests on systems, networks, and applications.
• Identify vulnerabilities, evaluate security flaws, and propose remediation strategies.
• Keep abreast of emerging threats, vulnerabilities, and security technologies to improve system security engineering practices.
• Contribute to the formulation and testing of incident response plans and procedures.
• Bachelor’s degree in computer science, Information Technology, or a closely related field.
• Proven experience as a Cyber Security Engineer, Security Analyst, or in a comparable role.
• Strong grasp of cyber security principles, risk management methodologies, and compliance frameworks.
• In-depth understanding of security technologies, including firewalls, intrusion detection/prevention systems, SIEM, and vulnerability scanning tools.
• Familiarity with regulatory requirements (e.g., GDPR, HIPAA), industry standards (e.g., NIST, ISO 27001), and frameworks (e.g., COBIT, ITIL).
• Experience with interpreting cyber security frameworks (e.g., NIST CSF, HIPAA HITRUST, CIS20, CSA CSF).
• Experience in system security engineering, secure software development, or secure system design.
• Proficient in conducting security assessments and managing vulnerabilities.
• Familiarity with incident response processes and security monitoring practices.
• Exceptional problem-solving and analytical capabilities.
• Strong communication and collaboration skills.
• Relevant certifications such as CISSP, CISM, CASP+, or GIAC are highly desirable.
• 100% permanently remote position with no plans to return to an office.
• Extensive paid time off, including paid holidays and float holidays.
• Highly competitive and flexible medical, dental, and vision benefits plans tailored to your needs.
• 401(k) with a generous employer match.
• Customized Life and Disability insurance plans.
• Full reimbursement for approved professional certification and career development opportunities.
• Monthly stipend for mobile phone plans and internet service.
Infovista
CROWDCONSULTANTS
Owens & Minor
Urrly
Get handpicked remote jobs straight to your inbox weekly.