vCISO II, Cyber Strategy and Defense

SUMMARY

The Virtual Chief Information Security Officer II (vCISO II), Cyber Strategy and Defense (CSD) acts as an executive advisor for Arete’s Managed Services clients The vCISO II works with customers directly as needed providing security consultation services for CSD projects, while occasionally managing and directing CSD onsite activities while in client spaces.

The vCISO II is also responsible for establishing a professional rapport and communication channels between CSD and other teams within Arete and will mentor Sales Associates, Technical Account Managers, and other Arete staff as needed. You will also support the Sales team and participate as a CSD subject matter expert during the sales process.

ROLES & RESPONSIBILITIES

• Advises senior management on risk levels and security posture.
• Advises and assists client internal resources in defining and managing a company-wide, information security and risk management process
• Assists clients in the development of long-term security and compliance goals, articulate strategies, define metrics, and provide necessary updates to executive leadership and Board of Directors, as requested by the client
• Communicates the value of information security throughout all levels of the organization stakeholders
• Advises cybersecurity requirements to be integrated into the continuity planning for that system and/or organization(s)
• Facilitates overall enterprise information security architecture with the organization’s overall security strategy
• Evaluates cost/benefit, economic, and risk analysis as defined by contract with the client(s)
• Advises senior management (e.g., CIO) on cost/benefit analysis of information security programs, policies, processes, systems, and elements
• Identifies alternative information security strategies to address organizational security objectives while supporting business goals
• Evolves and drives Client’s information security & privacy strategy covering products (on-prem & cloud), corporate IT systems and third-party SaaS applications
• Provides a visible face of our client’s security and privacy as a highly credible voice working with customers, partners, and other stakeholders
• Promotes awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals
• Ensures projects stay within scope, schedule, and budget
• Manges project communications, negotiations, and solutions
• Addresses client feedback as directed by Sr. Leadership
• Is open to new ideas and ensures best practices are implemented
• Communicates departmental goals and ensure individual goals align with the overall goals
• Ensures adherence to business processes to ensure operational efficiency and help identify infrastructure requirements to meet the business needs
• Tracks lesson learned from previous projects and ensure playbooks and training materials are reviewed and updated regularly
• Manages project assignment and hand off processes
• Ensures client satisfaction among internal and external stakeholders
• Updates metrics indicating client satisfaction among internal and external stakeholders
• Provides oversight of client satisfaction among internal and external stakeholders
• Monitors and reports metrics indicating client satisfaction among internal and external stakeholders
• Supports the development of strategic partnerships to maintain profitable and long-lasting relationships with key clients
• May perform other duties as assigned by management.

SKILLS AND KNOWLEDGE

• Thorough experience driving Information Security for cloud and on premise technical environments
• Strong public speaking skills to represent clients and help them communicate the security message to their stakeholders, executives, and Boards
• Ability to identify, attract, hire, develop, and retain security and compliance professionals needed to staff a security organization if the client requests this assistance

JOB REQUIREMENTS

• Bachelor's Degree and 10+ years of Cyber security experience or Master's Degree and 8+ years related experience or J.D. and 6+ years related experience
• 5 years of leadership experience, preferably at a senior level including experience as a CISO
• Subject matter expert on the threat landscape and state-of-the-art protection strategies and products; subject matter expert on product security and development practices and features for developing secure software and cloud services
• Proven experience building successful security, risk, and compliance programs
• Current experience creating or adopting new strategies that take into consideration the changing security landscape
• Subject matter expert on enterprise security controls and control frameworks, particularly CIS Critical Security Controls and other NIST based control frameworks
• Certification as a Certified Information Security Systems Security Professional (CISSP) or CRISC, preferred. Information Systems Security Management Professional (ISSMP) or CISM, preferred

DISCLAIMER

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of all responsibilities, duties and skills required personnel so classified. 

WORK ENVIRONMENT

While performing the responsibilities of this position, the work environment characteristics listed below are representative of the environment the employee will encounter: Usual office working conditions. Reasonable accommodation may be made to enable people with disabilities to perform the essential functions of this job.

PHYSICAL DEMANDS

• No physical exertion required
• Travel within or outside of the state
• Light work: Exerting up to 20 pounds of force occasionally, and/or up to 10 pounds of force as frequently as needed to move objects

TERMS OF EMPLOYMENT

Arete Advisors, LLC is an outstanding (and growing) company with a very dedicated, fun team. We offer competitive salaries, fully paid benefits including Medical/Dental, Life/Disability Insurance, 401(k) and the opportunity to work with some of the latest and greatest in the fast-growing cyber security industry.

.

FLSA OVERTIME CATEGORY

Job is exempt from the overtime provisions of the Fair Labor Standards Act.

DECLARATION

The Arete Incident Response Human Resources Department retains the sole right and discretion to make changes to this job description.

EQUAL EMPLOYMENT OPPORTUNITY

We’re proud to be an equal opportunity employer- and celebrate our employees’ differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better. 

Arete Incident Response is an outstanding (and growing) company with a very dedicated, fun team. We offer competitive salaries, fully paid benefits including Medical/Dental, Life/Disability Insurance, 401(k) and the opportunity to work with some of the latest and greatest in the fast-growing cyber security industry.
 
 
When you join Arete…
You’ll be doing work that matters alongside other talented people, transforming the way people, businesses, and things connect with each other. Of course, we will offer you great pay and benefits, but we’re about more than that. Arete is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Arete, where experience matters.
Equal Employment Opportunity
We’re proud to be an equal opportunity employer- and celebrate our employees’ differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.