
Corporate Information Security Officer (CISO) - Greenbelt, MD 20770 - US



Job Posting Information
Employer : Thomas Sharp
Job Title : Corporate Information Security Officer (CISO)
Location : Greenbelt, MD 20770 - US
Reference Code :
Job Type : Direct-Hire / Permanent Full-Time
Minimum Clearance Level : Secret
Date Modified : 02-24-2020
Salary : (not listed)
Additional Salary Information :
Career Level : Experienced (Non-Manager) 10+ Years of Experience
Education Level : Bachelors
Job Description

Will oversee the Information Security and Assurance Management function, which includes development, documentation, implementation, operation, and maintenance of an information security program. Will also manage ongoing activities to preserve the confidentiality, integrity, and availability of organization information resources in accordance with applicable data governance, risk management, and compliance policies and standards.

Typical Function
Safeguards the organization’s computers, networks, and data against threats, such as security breaches, computer viruses, or attacks by cyber-criminals, avoiding loss of confidential information, lost revenue, reputation, and fines from regulatory agencies for failing to protect data.
Manages staff, providing line management, leadership, motivation, and strategic direction.
Communicates regularly with other managers, and brings the organization’s information security risks under explicit management control.
Initiates, facilitates, and promotes activities to create information security awareness throughout the organization.
Provides oversight and manages continuous network and system monitoring.
Monitors internal control systems to ensure that appropriate access levels are maintained.
Manages and contributes to the 24/7/365 security incident response team.
Leads information security investigations and coordinates/communicates efforts with executive management and relevant Federal partners.
Manages and oversees classified automated information systems (AIS) in accordance with NISPOM.
Liaises with and offers strategic direction to related governance functions (such as Physical Security/Facilities, IT, HR, and Legal) plus senior and middle managers throughout the organization as necessary, on information security matters, such as routine security activities, plus emerging security risks and control technologies.
Provides internal management consultant advice and practical assistance on information security risk and control matters throughout the organization, and promotes the commercial advantages of managing information security risks more efficiently and effectively.
Leads or oversees risk and vulnerability assessment activities. Leads or commissions the preparation and authorizes the implementation of necessary information security policies, standards, procedures, and guidelines.
Leads the design and operation of compliance auditing, monitoring, and improvement activities to ensure compliance both with internal security policies and procedures and applicable laws and regulations; ensures consistency of internal controls across departments.
Leads or commissions information security awareness, training, and educational activities; information security risk assessments and control selection activities; and activities relating to contingency planning, business continuity management, and IT disaster recovery in conjunction with relevant functions and third parties.
Monitors changes in local, State, and Federal regulations and accreditation standards affecting information security, and makes recommendations to the CIO and other organization leaders on the need for policy changes.


Required Skills and Experience
Education: Bachelor’s Degree in Computer Science, Information Systems, Cyber Security, Engineering or related field is required.
Successful candidate should have Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification.
Years of Experience: 10 or more years of combined information systems and security experience.
Candidates must be highly analytical and able to effectively troubleshoot and prioritize needs, requirements, and other issues.
Aside from technical skills, prospective candidates should have excellent communications, teamwork, leadership and conflict management skills.
Because of the constantly developing nature of information systems and cyber attacks, officers must be committed to continuous learning and system development.
Familiarity and experience with establishing and maintaining strategic counterintelligence partnerships with Federal agencies.
Experience building, certifying, and receiving Authorization to Operate (ATO) for Automated Information Systems (AIS) for DoD-related classified processing in accordance with NISPOM.
Experience performing AIS system maintenance, security control configuration/enforcement, and auditing duties on classified systems.
Familiarity and experience with NIST RMF and SP 800 series documentation including, but not limited to, SP 800-53r4 and 800-171.
Experience leading and providing security incident response and investigations.
Experience with conducting forensic analysis, reviewing, and reporting results.