Chief Information Security Officer
This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Chief Information Security Officer in New York (USA).
We are seeking an experienced Chief Information Security Officer (CISO) to lead and strengthen the organization’s enterprise information security strategy. This senior leadership role is responsible for safeguarding the business against cyber threats while ensuring regulatory compliance and operational resilience. The ideal candidate will combine technical expertise with strategic vision, managing a team of security professionals, guiding risk management practices, and providing actionable insights to the executive team and Board of Directors. Success in this position requires a proactive, analytical mindset, the ability to navigate complex regulatory landscapes, and the skill to build strong cross-functional relationships. The role operates in a hybrid work environment, providing both on-site and remote flexibility.
Accountabilities:
- Develop, implement, and maintain a comprehensive Enterprise Information Security Program.
- Design and manage response processes for cybersecurity incidents, including reporting, containment, and remediation.
- Lead, train, and mentor the Information Security team while providing security education to employees across the organization.
- Continuously monitor threats and ensure compliance with relevant information security laws and regulations.
- Oversee internal and external security tests, penetration testing, phishing simulations, and crisis tabletop exercises.
- Approve and maintain identity access policies, security procedures, and documentation, ensuring staff and vendor compliance.
- Brief executive leadership and the Board on security risks, strategy, and key metrics including Key Risk Indicators (KRIs).
- Partner with IT and business units to align security initiatives with organizational objectives and maintain operational resilience.
Requirements:
- Master’s degree or equivalent experience in Information Security, Computer Science, or related field.
- Minimum of 10 years of experience, with at least 5 years managing information security in complex, regulated environments.
- Extensive experience in financial services or similarly regulated industries; banking experience preferred.
- Proven ability to create and maintain enterprise-level security programs and conduct risk assessments.
- Knowledge of data privacy laws, DFS 500 regulations, and security engineering concepts.
- Experience working with external regulators such as NY DFS and FDIC.
- Excellent verbal and written communication skills, with the ability to present complex information to executives and boards.
- CISSP, CISA, or CISM certification preferred.
- Strong analytical, problem-solving, and project management skills with the ability to manage multiple high-priority initiatives.
Benefits:
- Competitive salary range: $240,000 – $260,000, depending on experience.
- Hybrid work model with flexibility for remote and on-site collaboration.
- Comprehensive health, dental, and vision insurance.
- Retirement plan options and other financial benefits.
- Professional development and training opportunities.
- Exposure to a dynamic, mission-driven organization committed to diversity, equity, and inclusion.
