Virtual Chief Security Officer (vCSO)
Expera IT
Calgary, AB, Canada
$151K / year (estimated)
Full-time
Overview
We are looking for a virtual Chief Security Officer (vCSO) who can provide security services to multiple clients across different industries and regions.
As a vCSO, you will act as a fractional security leader for our clients, helping them design, implement, and manage their security programs.
You will also provide strategic guidance, risk assessment, compliance support, and incident response. You will work remotely and collaborate with our team of security experts and consultants.
Responsibilities
- Assess the security posture and maturity of each client and provide recommendations for improvement.
- Perform annual risk assessments of clients from technical, physical, and compliance perspectives.
- Manage the execution and reporting of regular penetration testing and vulnerability scans.
- Develop and maintain security policies, standards, and procedures for each client.
- Oversee the implementation and operation of security tools and solutions for each client.
- Monitor and report on the security performance and compliance of each client.
- Provide security awareness and training to each client's staff and stakeholders.
- Coordinate and manage security audits, assessments, and certifications for each client.
- Respond to security incidents and breaches and provide remediation guidance for each client.
- Manage and participate in the development of business continuity, disaster recovery, and incident response plans for each client.
- Develop and run Incident Response Table Top Exercises for clients as required.
- Communicate and collaborate with each client's senior management and board on security matters.
- Coordinate with technical service delivery teams to remediate identified risks and vulnerabilities and manage the execution of security projects.
- Stay updated on the latest security trends, threats, and best practices.
Qualifications
- At least 10 years of experience in information security, with at least 5 years in a senior or leadership role.
- Proven track record of successfully managing security programs and projects for multiple clients or organizations.
- Strong knowledge and experience in security frameworks, standards, and regulations, such as ISO 27001, NIST, PCI DSS, GDPR, etc.
- Excellent communication, presentation, and interpersonal skills, with the ability to explain complex security concepts to technical and non-technical audiences.
- Strong analytical, problem-solving, and decision-making skills, with the ability to balance security and business needs.
- Certifications such as CISSP, CISM, CISA, CRISC, or equivalent are preferred.
- Ability to work independently and remotely, with minimal supervision and flexible hours.
- Willingness to travel occasionally to meet with clients or attend events.
More than 30 days ago