CSO NEEDED!!!!!Mar 19 2004 05:12PM Ryan Kurtz (Ryan Kurtz us Randstad com)
Let me know if anyone is interested or knows someone who is interesting in
the Job Description for a CSO position located in RTP, NC. We encourage
anyone who has the qualification to send resumes. This position is needed
pretty immediately for the newly created position. Thanks
Department: Information Systems Location: Corporate
Reports To: Chief Information Officer FLSA Status: Exempt
Purpose: Responsible for the definition and implementation of the corporate
security function. Instrumental in defining security policies, standards and
procedures protecting corporate assets as well as the hosted assets of our
customers. Increase security awareness of company employees. Address
customer security concerns and questions. Direct security investigations
when necessary. Maintain corporate business continuity plans. To provide
overall coordination and management of in-building system network
operations.
Job Functions:
1. Develop, implement and maintain all corporate-level information
security standards, procedures, and guidelines, including compliance
monitoring procedures.
2. Develop a comprehensive program for planning, design, implementation
and monitoring of security measures.
3. Coordinate, implement and maintain the Business Continuity and
Disaster Recovery programs.
4. Contribute to customer RFP/RFI's as required.
5. Manage yearly audits and report results to management.
6. Recommend tools for the implementation of security best practices;
work closely with systems, network, and application development personnel to
ensure the integrity of information security procedures, systems and
policies.
7. Manage regular reviews of access to all systems and platforms and
develop risk-analysis and rating of all current and future systems and
platforms.
8. Conduct direct vulnerability assessments and security reviews,
investigate security violations and reports policy violations to management.
9. Develops and coordinates remediation plans to address security
vulnerabilities.
10. Develop and administer an effective corporate security awareness
program.
11. Oversees the maintenance and update of incident response plans.
12. Develop and maintain budget associated with all security and
business continuity related expenses.
The above responsibilities represent the major tasks assigned to incumbents
in this job title. They are not intended to be an exhaustive list of all
tasks. On occasion, incumbents may perform other related tasks.
Working Conditions and Physical Demands:
Works in normal office environment with minimal traveling required.
Qualifications:
1. Requires at least 10 years information security leadership
experience, with a significant portion of that time establishing and leading
comprehensive security programs in a large financial organization.
2. Prefer at least 7-10 years of financial experience.
3. CISSP and/or CISA certification required.
4. A degree in computer science or related field.
5. Extensive knowledge of Sarbanes-Oxley, GLBA and ISO17799.
6. Thorough knowledge and understanding of current information security
and disaster recovery planning techniques and technologies.
7. Demonstrated ability to work with management and staff at various
levels of the organization to implement sound security practices.
Ryan Kurtz
IT Recruiter
Ryan.Kurtz (at) us.randstad (dot) com [email concealed]
the Job Description for a CSO position located in RTP, NC. We encourage
anyone who has the qualification to send resumes. This position is needed
pretty immediately for the newly created position. Thanks
Job Title: Corporate Security Officer Date: 3/17/04
Department: Information Systems Location: Corporate
Reports To: Chief Information Officer FLSA Status: Exempt
Purpose: Responsible for the definition and implementation of the corporate
security function. Instrumental in defining security policies, standards and
procedures protecting corporate assets as well as the hosted assets of our
customers. Increase security awareness of company employees. Address
customer security concerns and questions. Direct security investigations
when necessary. Maintain corporate business continuity plans. To provide
overall coordination and management of in-building system network
operations.
Job Functions:
1. Develop, implement and maintain all corporate-level information
security standards, procedures, and guidelines, including compliance
monitoring procedures.
2. Develop a comprehensive program for planning, design, implementation
and monitoring of security measures.
3. Coordinate, implement and maintain the Business Continuity and
Disaster Recovery programs.
4. Contribute to customer RFP/RFI's as required.
5. Manage yearly audits and report results to management.
6. Recommend tools for the implementation of security best practices;
work closely with systems, network, and application development personnel to
ensure the integrity of information security procedures, systems and
policies.
7. Manage regular reviews of access to all systems and platforms and
develop risk-analysis and rating of all current and future systems and
platforms.
8. Conduct direct vulnerability assessments and security reviews,
investigate security violations and reports policy violations to management.
9. Develops and coordinates remediation plans to address security
vulnerabilities.
10. Develop and administer an effective corporate security awareness
program.
11. Oversees the maintenance and update of incident response plans.
12. Develop and maintain budget associated with all security and
business continuity related expenses.
The above responsibilities represent the major tasks assigned to incumbents
in this job title. They are not intended to be an exhaustive list of all
tasks. On occasion, incumbents may perform other related tasks.
Working Conditions and Physical Demands:
Works in normal office environment with minimal traveling required.
Qualifications:
1. Requires at least 10 years information security leadership
experience, with a significant portion of that time establishing and leading
comprehensive security programs in a large financial organization.
2. Prefer at least 7-10 years of financial experience.
3. CISSP and/or CISA certification required.
4. A degree in computer science or related field.
5. Extensive knowledge of Sarbanes-Oxley, GLBA and ISO17799.
6. Thorough knowledge and understanding of current information security
and disaster recovery planning techniques and technologies.
7. Demonstrated ability to work with management and staff at various
levels of the organization to implement sound security practices.
Ryan Kurtz
IT Recruiter
Ryan.Kurtz (at) us.randstad (dot) com [email concealed]
[ reply ]