Highlights: position requires minimum 3-5 years experience in an information security related role (analyst or engineer) in a small or medium enterprise, CISSP preferred, opportunity to found and run a new security program in a global enterprise with around 1000 employees and consultants, major investment in web portals and CRM (Salesforce) platforms, hybrid on-prem and cloud based infrastructure, complex privacy requirements - candidates with either hands-on technical skills or compliance/assurance background considered.
Apply using the link below (direct applications only; no agency candidates, please):
More info: https://www.vistage.com/about-vistage/vistage-careers/ or connect with me directly https://www.linkedin.com/in/jamesdeveson/ - James Deveson, CIO, CISSP
We are looking for an individual with a diverse background in information security assurance, audit and the administration and management of related technologies to lead our new IS/IA program. Reporting directly into our CIO, this role will be Vistage’s first dedicated infosec specialist.
The right person for this role will be organized, independent and inquisitive. We’re looking for a team player who is a strategic and analytical thinker, detail-oriented and an effective communicator, with a creative and lively intellect. Lastly, the right person will need an appropriate sense of urgency and the ability to learn new skills, particularly in technology, while being risk-aware.
Vistage is the world’s largest CEO coaching and peer advisory organization for small and midsize business (SMB) leaders. We offer the most effective approach for SMB enterprises to achieve better results and grow faster as well as for SMB leaders to maximize their impact.
The 24,000+ members we serve are CEOs, owners and executives of SMB organizations located across the US and in 22 countries around the world. These SMB executives typically spend a day or more with Vistage every month to immerse themselves in our comprehensive platform for making better decisions, getting better results and becoming better leaders. Our platform features three core elements: valuable perspectives from a trusted group of peers, professional guidance and meeting facilitation from an accomplished business leader (the Chair), and deep insights from subject matter experts.
Vistage was founded more than 60 years ago and we’ve grown every year since then by innovating to stay on the cutting-edge of business and being relentless in delivering value to our members. Our success is demonstrated by the fact that Vistage member companies grow 2.2 times faster than non-Vistage peer companies. Learn more about us at www.vistage.com.
THE VISTAGE INFORMATION SECURITY SPECIALIST POSITION
We set the bar high and constantly take on new challenges. Vistage is a fast-paced environment where every day is “game day.” We’re accountable, inclusive and have an “all-in” attitude as we set goals and take action. We love celebrating your success but don’t have time for excuses. Do you have what it takes?
- Manage and operate security controls throughout the enterprise including providing oversight and verification of user and customer lifecycle and access controls
- Work with engineering, systems and product teams to manage the security implications and components of new projects
- Develop and maintain policies and plans including incident response, disaster preparedness, PCI, privacy and data protection compliance
- Prepare, deliver and verify company-wide infosec awareness training
- Monitor key infosec platforms including endpoint antivirus, remote access, authentication, firewalls, intrusion detection – conduct investigations as needed
- Operate vulnerability and risk management tools, prioritizing remediation
- Orchestrate and verify periodic controls including annual risk assessments, quarterly configuration reviews, etc.
- Provide updated infosec risk assessments, proposing mitigation and new initiatives to address emerging threats, platform/vendor obsolescence, etc.
- 3-5 years experience in an information security related role (analyst or engineer) in a small or medium enterprise
- Current certifications in the infosec field, for example CISSP (preferred), CISM or CISA
- Experience with managing enterprise grade security tools and infrastructure, including log/event monitoring
- Experience of audit, assurance and compliance in a corporate environment, working with internal or external audit teams and authorities
- Preferably past experience in a system administrator or system engineer role