VCISO

Position Overview

Work with Thrive’s vCISO Service clients to assess their current Information Security Program and develop an appropriate, business-aligned strategy to establish a proactive approach to cyber risk management. Implement customized, risk-based Information Security Programs and the associated controls frameworks to complement each client’s business and IT operations. Ensure all Governance, Regulatory and Compliance obligations are addressed from an Information Security perspective.

Be a trusted advisor and “go-to” resource for Senior IT and Executive Leadership for all things relating to Information Security.

• Serve as Information Security Subject Matter Expert for Executive leadership.
• Develop annual strategic plans and supporting project roadmaps.
• Collaborate and coordinate with internal IT resources to execute the security plan.
• Create remediation plans for all security assessments.
• Conduct annual risk assessments.
• Coordinate Penetration Tests with third parties.
• Collaborate with customers on policy development and implementation.
• Assist with Security Incident Response and tabletop exercises.
• Mentor client technical resources as requested
• Performs assessments with clients in the following areas:
  • Information Security Strategy
  • Information Security Governance
  • Information Security Program Development and Management
  • Information Security Risk Management

• Bachelor’s Degree or equivalent work experience in cybersecurity (MBA preferred)
• 5+ years’ experience Information Security Preferred
• Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM)
• Expert in security frameworks such as CIS, NIST, CMMC, HIPAA/HITECH, PCI-DSS, ISO 27001/2