Vice President, Chief Information Security Officer (m/f)

Reston, VA
Mar 14, 2018
Mar 15, 2018
Full Time
The company is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets.

Serve as a key member of the Enterprise Risk Management Committee (ERMC).
Develop, review, oversee and implement identity and access management (IAM) policies, security governance policies, controls and cyber incident response planning.
Schedule independent security audits and lead cybersecurity exercises.
Establish and manage a Cyber Risk Assessment program to define, identify, and classify critical assets, assess threats and vulnerabilities to those assets, and implement appropriate safeguards.
In collaboration with the CRO, CIO and other leaders, ensure corporate technical compliance with all cyber security related statutes, regulations, and industry directives. This includes, but is not limited to, Personally Identifiable Information (PII), Health Insurance Portability and Accountability Act (HIPAA), Federal Information Security Management Act (FISMA), Federal Information Processing Standard (FIPS), EU Data Protection, National Institute of Standards and Technology (NIST) guidance.
Oversee compliance with Defense Federal Acquisition Regulation Supplement (DFARS) Clause 252.204-7012 - Safeguarding Covered Defense Information and Cyber Incident Reporting.
Ensure compliance with government contract and security related contractual obligations and lead efforts to assess and enforce compliance with applicable security standards such as PCI DSS, ISO 27001, SSAE16 SOC, NIST SP 800-171.
Develop and implement a monitoring program to ensure continued compliance with applicable laws, regulations and industry directives.

Structured, logical thinker with strong problem-solving skills and excellent communication skills.
A proven ability to set, meet and enforce deadlines to enable business success.
Deep knowledge of technological trends and developments in information security, risk management and cybersecurity compliance.
Detailed knowledge and understanding of security, risk and compliance regulations and frameworks, such as NIST RMF, ISO 27001, PCI-DSS, PII, PHI, HIPAA, HITECH, SANS CISC, GDPR, CSA, COBIT, COSO, ITIL and SOX.
Experience in writing, executing and monitoring Policy, Governance and Systems Security Plans is required.
Experience in Federal contracting is required.
Prior Defense Industrial Base participation is a plus.
Prior experience in presenting to the Board of Directors, Executive Leadership and the workforce on Cyber Risk and Response management and cyber forensic investigations is preferred.
Demonstrated performance in key technology leadership/management positions on an enterprise level is required.
Proven skills and experience in business case development, financial acumen, program management, team building, collaboration, communications, data analysis and data management, root cause analysis and workflow analysis skills are essential to success in this role.

A bachelor's degree or equivalent experience in Computer Science or other technical field is required. Advanced degrees preferred.
CISSP certification is preferred or required upon hire.
Additional Information Security certifications such as Security+, C/CISO, CISM, CISA, CIRSC, CEH are preferred.
A minimum of 10 years in IT leadership and IT Operations is required.
TS/SCI clearance, or ability to obtain one upon hire, is required.