Chief Information Security Officer jobs in Portland, ME

Position Summary

This position is responsible for design and oversight of the information security program with administrative, technical, and physical safeguards based on the inherent risk profile activities, products, and services of the company. The incumbent is responsible for monitoring company environment for compliance, security issues and violations to prevent the compromise of information. Including analysis, reporting and making recommendations to senior management policy, procedures, process, and training management and staff.

Essential Functions:

• Manage and champion a positive information security culture enforcing the information security program with all employees, contractors, and vendors.
• Ensure risks and controls are identified, documented, and monitored protecting companies’ information and systems within policies and procedures, recommending mitigation strategies.
• Conduct risk assessments, process reviews and gap analyses to determine of business and technology area for compliance with regulatory requirements and industry best practices. Including Vendor and 3rd Party due diligence.
• Perform and maintain data analytics for the security environment, policy enforcement, queries, vulnerabilities, and the current state of our information security program.
• Communicate verbally and in executive level reporting with VP of ERM and the Senior Leadership Team.
• Evaluate and recommend new products, processes, technologies, and countermeasures against threats to information or privacy.
• Ensure compliance through adequate staff training programs and periodic security audits, both internal and external.
• Partner with management for business continuity and emergency recovery procedures to develop security plans as part of the recovery process.
• General knowledge of financial service organization IT auditing control requirements, including SSAE and SOC audits.
• Understanding of GLBA, NPPI, NCUA, PCI-DSS, and FFIEC security requirements and regulations.
• Any of the following IT security certifications preferred: GIAC (GSEC, GISF, GISP, or GSTRT), ISACA certifications (CISM, CISA, or CGEIT), or IC2 (SSCP, CCSP, or CISSP), ASIS (CPP), or Comptia (Security )

Job Type: Full-time

Pay: Up to $120,000.00 per year

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Referral program
• Tuition reimbursement
• Vision insurance

Compensation package:

• Bonus opportunities

Experience level:

• 6 years

Schedule:

• Monday to Friday

Ability to Relocate:

• Westbrook, ME 04092: Relocate before starting work (Required)

Work Location: Hybrid remote in Westbrook, ME 04092