Chief Information Security Manager

4 weeks ago

Mesa, United States InterSources Full time
Chief Information Security Manager
Address: Mesa, AZ (Hybrid)
Full Time Position

Scope of Work:
The vCISO shall provide expert virtual cybersecurity services during normal business hours except in the event of a security incident or breach.
HCC seeks a fresh perspective on its security measures and protocols to not only improve its posture, but also to identify new risks and opportunities. The vCISO will also be responsible for leading HCC's efforts to address the nine (9) elements of the Gramm-Leach-Bliley Act (GLBA) for compliance purposes.
  • Perform a detailed cyber risk assessment that includes the following, but not limited to:
    • Identifying, estimating, and prioritizing information cyber security risks at college;
    • Examining HCC's current technology, security controls, policies, and procedures to assess potential threats or attacks; and
    • Evaluating HCC's threat landscape, vulnerabilities, and cyber gaps that pose a risk to its assets.
  • Act as HCC's Qualified Individual (QI) to present quarterly reports to HCC Board of Trustees and leadership as required and specified by GLBA.
  • Develop an information security program using a framework such as National Institute of Standards and Technology (NIST) 800-53, Center of Internet Security (CIS) Critical
  • Security Controls, or CIS Implementation Group 1 (IG1) that protects HCC in accordance with GLBA security requirements.
  • Provide information security leadership, communication, investigation, mitigation, containment and post-incident analysis in the event of a cyber incident.
  • Update and enhance existing cybersecurity policies and procedures as required by GLBA.
The policies include but not limited to:
  • Vulnerability management
  • Data management
  • Incidence response
  • Software management
  • Hardware asset management
  • Provide guidance when analyzing real-time threat analysis identified by HCC's security operations center.
  • Perform third-party and partner evaluations Higher Education Community Vendor Assessment Toolkit (HECVAT).
  • Develop and implement the strategy to conduct regular security audits and assessments to identify vulnerabilities and ensure compliance with security policies.
  • Write a clear and concise incident response plan that meets industry standards.
CYBERSECURITY INCIDENT OR BREACH
In the event of a cybersecurity incident or breach, the vCISO will:
  • Notify HCC within twenty-four (24) hours of the discovery of an incident or breach by telephone and in accordance with the agreed upon incident response plan unless a shorter notice time is required by law.
  • Implement the incident response plan, ensuring that all relevant teams are mobilized and aware of their roles and responsibilities.
  • Oversee the initial assessment to understand the scope and impact of the incident or breach.
  • Coordinate with internal stakeholders, including senior management and the board of directors, to keep them informed about the incident or breach and the steps being taken to address it.
  • Lead the investigation to determine the cause of the incident or breach, how it occurred, and what data or systems were affected.
  • Oversee the remediation efforts to fix vulnerabilities and restore affected systems.
  • Ensure that all actions taken during the incident or breach response are thoroughly documented.
  • Conduct a post-incident review to evaluate the response and identify lessons learned.
  • Provide a full written report of the incident, nature of the breach, compromised information, and correction actions taken to prevent future incidents or breaches.
All devices and equipment necessary to perform duties under this contract will be provided by HCC.

EDUCATION
At a minimum, the Contractor must possess a bachelor's degree in cybersecurity, computer science, information technology, or a related field from an accredited higher education institution in the United States. A master's degree is preferred.

EXPERIENCE
  • IT Security: The Contractor must possess at least 7-10 years of experience in IT security-related roles such as security analyst, network administrator, or similar positions.
  • Leadership: The Contractor must possess experience in management or leadership roles as CISOs need to lead teams and make strategic decisions.
CERTIFICATION(S)
The Contractor must possess at least one of the following related certifications:
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA)
KNOWLEDGE & SKILLS
  • Technical Skills: Demonstrates a deep understanding of information security principles, practices, and technologies.
  • Leadership and Communication: Possess strong leadership, communication, and strategic planning skills are essential.
  • Compliance and Risk Management: Possess knowledge of regulatory requirements and risk management practices.

Skill Matrix:
  1. Technical Expertise:
Knowledge of Security Frameworks: Demonstrate an understanding and application of industry-standard security frameworks, such as the National Institute of Standards and Technology (NIST) 800-53, Center of Internet Security (CIS) Critical Security Controls, and CIS Implementation Group 1
(IG1).
Cybersecurity Technologies: Demonstrate familiarity with current security technologies, especially any commonly used technologies in higher education.
Threat Intelligence and Incident Response: Demonstrate experience in threat detection, vulnerability/risk assessments, and incident response.
  1. Experience & Qualifications:
Education: Possess a bachelor's degree or higher in cybersecurity, computer science, information technology, or a related field from an accredited higher education institution in the United States.
Experience: Demonstrate years of experience providing CISO-level services, specifically virtual or remote services. Prove the ability to convey complex security concepts to non-technical stakeholders. Demonstrate leadership experience, especially in advising executive teams and boards on cybersecurity.
Certifications: Demonstrate relevant professional certifications such as CISSP, CISM, or CISA to validate skills and knowledge.
  1. Compliance & Risk Management:
Demonstrate knowledge of regulatory requirements and risk management practices.

About Us:

InterSources Inc. is a Small, Woman, and Minority-Owned Business Enterprise, ISO/IEC 27001, SOC 2 Type 2 certified company with massive 18+ years of diversified experience in providing IT Consulting Services, Artificial Intelligence, Data Analysis, Application Development, Cloud Services, Cybersecurity, Digital Marketing, ERP Management, Custom Software Development, Web Development, UI/ UX Design, System Integration, QA Support etc. We make reasonable accommodations for clients and employees, and we do not discriminate based on any protected attribute including race, religion, color, national origin, gender sexual orientation, gender identity, age, or marital status. We also are a Google Cloud and Oracle partner company.

  • Chief Information Security Manager

    1 day ago

    Mesa, United States InterSources Full time

    Chief Information Security Manager Address: Mesa, AZ (Hybrid) Full Time PositionScope of Work: The vCISO shall provide expert virtual cybersecurity services during normal business hours except in the event of a security incident or breach. HCC seeks a fresh perspective on its security measures and protocols to not only improve its posture, but also to...

  • Information Security Engineer

    3 weeks ago

    Costa Mesa, United States Sungrow Power Supply Co., Ltd. Full time

    About Sungrow:Sungrow Power Supply Co., Ltd. (“Sungrow”) is a global leading PV inverter and ESS provider with 515 GW of power electronic converters installed worldwide as of December 2023. Founded in 1997 by University Professor Cao Renxian, Sungrow leaders in the research and development of solar inverters with the largest dedicated R&D team in the...

  • Information Security Engineer

    4 days ago

    Costa Mesa, United States Sungrow Power Supply Co., Ltd. Full time

    About Sungrow:Sungrow Power Supply Co., Ltd. (“Sungrow”) is a global leading PV inverter and ESS provider with 515 GW of power electronic converters installed worldwide as of December 2023. Founded in 1997 by University Professor Cao Renxian, Sungrow leaders in the research and development of solar inverters with the largest dedicated R&D team in the...

  • Information Security Engineer

    18 hours ago

    Costa Mesa, United States Sungrow Power Supply Co., Ltd. Full time

    About Sungrow:Sungrow Power Supply Co., Ltd. (“Sungrow”) is a global leading PV inverter and ESS provider with 515 GW of power electronic converters installed worldwide as of December 2023. Founded in 1997 by University Professor Cao Renxian, Sungrow leaders in the research and development of solar inverters with the largest dedicated R&D team in the...

  • Chief Land Surveyor

    4 weeks ago

    Mesa, United States City of Mesa, AZ Full time

    Salary: $79,201.82 - $118,687.71 Annually Location : Mesa, AZ Job Type: Full Time Job Number: 12099D Department: (H165)Engineering Opening Date: 10/18/2024 Closing Date: Continuous Description/DutiesFirst review of applications will be Monday, November 4, 2024, and weekly thereafter until filled. About the Ideal Candidate: The ideal candidate will have the...

  • Information Security Engineer

    4 days ago

    Costa Mesa, CA, United States Sungrow Power Supply Co., Ltd. Full time

    About Sungrow: Sungrow Power Supply Co., Ltd. (“Sungrow”) is a global leading PV inverter and ESS provider with 515 GW of power electronic converters installed worldwide as of December 2023. Founded in 1997 by University Professor Cao Renxian, Sungrow leaders in the research and development of solar inverters with the largest dedicated R&D team in the...

  • Senior Information Security Engineer

    4 weeks ago

    Mesa, United States Stratford Solutions Inc. Full time

    Job Title: Senior Information Security Engineer (who can build from the scratch) Location: Mesa, AZ Job Type:Contract Work schedule:Normal business hour Monday to Friday Duration: 12 Months Pay Rate: $70-$80 per hour Position Overview: We are looking for Senior Information Security Engineer who will be responsible for building, design, installation,...

  • Chief Medical Officer

    5 hours ago

    Mesa, United States Jobleads-US Full time

    OverviewLooking to be part of something more meaningful? At HonorHealth, you’ll be part of a team, creating a multi-dimensional care experience for our patients. You’ll have opportunities to make a difference. From our Ambassador Movement to our robust training and development programs, you can select where and how you want to make an impact.HonorHealth...

  • Chief Executive Officer

    1 week ago

    costa mesa, United States OC Fair & Event Center Full time

    Position Purpose: The Board of Directors for the OC Fair & Event Center is seeking an experienced administrator to continue its strong traditions and to identify opportunities to expand its economic impact and contribution to the vitality of Orange County and Southern California. Working in partnership with the Board of Directors, the CEO leads the...

  • Chief Executive Officer

    3 weeks ago

    Costa Mesa, United States OC Fair & Event Center Full time

    Position Purpose: The Board of Directors for the OC Fair & Event Center is seeking an experienced administrator to continue its strong traditions and to identify opportunities to expand its economic impact and contribution to the vitality of Orange County and Southern California. Working in partnership with the Board of Directors, the CEO leads the...

  • Concierge Security Guard

    4 days ago

    Mesa, United States GardaWorld Security Services U.S. Full time

    Job Description:GardaWorld Security Services is Now Hiring a Concierge Security Officer!Ready to suit up as a Security Guard in a Concierge post?What matters most in a role like this is your ability to build meaningful connections. Tell us about how your natural ability to engage with others reassures and inspires confidence.As a Security Officer –...

  • Concierge Security Officer

    2 weeks ago

    Mesa, United States GardaWorld Security Services U.S. Full time

    Job Description:GardaWorld Security Services is Now Hiring a Concierge Security Officer!Ready to suit up as a Security Guard in a Concierge post?What matters most in a role like this is your ability to build meaningful connections. Tell us about how your natural ability to engage with others reassures and inspires confidence.As a Security Officer –...

  • Chief Financial Officer

    4 days ago

    Mesa, United States Professional Recruiters Full time

    Chief Financial Officer, Mesa, AZThe Role: We are seeking a passionate and experienced Chief Financial Officer (CFO) to lead our financial operations and be a strategic partner in achieving our mission. You will be responsible for overseeing all aspects of our financial health, ensuring compliance with regulations, and providing insightful analysis to...

  • Concierge Security Officer

    2 weeks ago

    Mesa, United States GardaWorld Security Services U.S. Full time

    Job Description:GardaWorld Security Services is Now Hiring a Concierge Security Officer!Ready to suit up as a Security Guard in a Concierge post?What matters most in a role like this is your ability to build meaningful connections. Tell us about how your natural ability to engage with others reassures and inspires confidence.As a Security Officer –...

  • Supervisory Transportation Security Officer

    2 weeks ago

    Mesa, AZ, United States Transportation Security Administration Full time

    Summary Securing Travel, Protecting People - At the Transportation Security Administration, you will serve in a high-stakes environment to safeguard the American way of life. In cities across the country, you would secure airports, seaports, railroads, highways, and/or public transit systems, thus protecting America's transportation infrastructure and...

  • Transportation Security Officer

    2 weeks ago

    Mesa, AZ, United States Transportation Security Administration Full time

    Summary Transportation Security Officers are responsible for providing security and protection of travelers across all transportation sectors in a courteous and professional manner. Their duties may also extend to securing high-profile events, important figures and/or anything that includes or impacts our transportation systems. Learn more about the...

  • Security Account Manager

    5 days ago

    Mesa, Arizona, United States Allied Universal Full time

    Overview:Allied Universal is a leading security and facility services company providing rewarding careers with a sense of purpose.As an Account Manager at Allied Universal, you will be part of a dynamic, diverse, and inclusive team that fuels a culture reflecting in our communities and customers we serve. We offer comprehensive benefits, including medical,...

  • Chief Executive Officer

    4 days ago

    Costa Mesa, United States PEAK Technical Staffing USA Full time

    Hiring Chief Executive Officerto oversee and manage all aspects of the company's administration including but not limited to, finance, human resources, marketing, and IT. You will look for methods to improve quality, efficiency and productivity, reduce costs, increase profits, or improve control measures. You will collaborate with the President and...

  • Chief Executive Officer

    2 weeks ago

    Costa Mesa, United States PEAK Technical Staffing USA Full time

    Hiring Chief Executive Officer to oversee and manage all aspects of the company's administration including but not limited to, finance, human resources, marketing, and IT.You will look for methods to improve quality, efficiency and productivity, reduce costs, increase profits, or improve control measures. You will collaborate with the President and...

  • Goodman Masson | Senior Information Security Analyst

    4 weeks ago

    costa mesa, United States Goodman Masson Full time

    SOC Cybersecurity Analyst IIILocation: On-site – Costa Mesa, CAType: 6-Month Contract-to-Hire (24/7 Operations)Goodman Masson is working with a leading Managed Services Provider (MSP) looking for a SOC Cybersecurity Analyst III to join their security operations team. This is an exciting opportunity for an experienced cybersecurity professional to lead...