Chief Information Security Officer

Company: Ultra Global Business Services
Location: Austin
Posted on: April 19, 2024

Job Description:

Company: Ultra Intelligence & CommunicationsIntelligence & Comms SBUProvide Decision Advantage to Mission Partners Around the WorldJoin us in our mission to provide the world's military members with the latest, most customizable solutions and capabilities, enabling mission success anywhere around the globe. At Ultra Intelligence and Communications (I&C), we provide critical, tactical capabilities to enhance and accelerate decision-making in the most challenging environments. By joining us, you will experience unrivaled opportunities for growth and innovation and be a part of a dynamic and diverse team that pushes boundaries and drives meaningful change in intelligence and communications.Job Description The Chief Information Security Officer is responsible for identifying, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise. This Information Security Leader will proactively work with the VP Information Technology, business unit leaders, Senior Management and the Board of Directors to implement practices that meet defined objectives and standards for information security.

The position will also oversee a variety of IT-related risk management activities. Working as a key member of the Ultra I&C Information Technology team reporting to the VP Information Technology, they will ensure the ongoing compliance with internal and external security requirements such as DFARS 252.204-7012, NIST 800-171, CMMC, ISO 27001, Cyber Essentials +, PCI DSS and corporate security policies.Responsibilities:

• Coordinate with IT leaders and business partners to set the strategic direction of the enterprise IT security program, ensure integration with business systems/applications strategies, introduce evolutionary concepts, and solicit feedback to ensure alignment with the business goals.
• Develop and maintain up-to-date information security policies, procedures, and guidelines.
• Manage information security policy approval, publication, and training processes.
• Facilitate information security governance through the implementation of a hierarchical governance program across Enterprise and Business Unit (BU) IT, including managing the information security steering committee.
• Lead and manage the cybersecurity incident response process.
• Monitor the external threat environment for emerging threats & advise relevant stakeholders on the appropriate risks and courses of action.
• Coordinate the use of external resources involved in the information security program, including, but not limited to, vendor selection, negotiating contracts and fees, and managing 3rd party providers.
• Develop a metrics and reporting framework to measure the efficiency and effectiveness of the program and increase the maturity of the security program and its processes.
• Provide strategic risk guidance for IT projects, including evaluation & recommendation of technical controls, secure enterprise architecture design and life cycle management.
• Works closely with IT and Engineering organizations to ensure systems security is appropriately considered at onset of initiatives and throughout technology lifecycle.
• Coordinate & manage information security awareness training programs for all employees, contractors, and approved system users.
• Define and facilitate the information security risk assessment process, including the reporting and oversight of remediation efforts to address findings.
• Own the vulnerability management reporting process as well as coordinating with BU IT remediation of vulnerabilities.Required Skills and Qualifications:
  • Bachelor's degree in Computer Science, Information Systems, Information Security or closely related field required.
  • Minimum 7 years of experience in Information Security or IT Management, or related technical position.
  • Prior experience in a similar capacity working for a defense contractor.
  • Prior experience with industry standards implementation and governance with at least two of the following: PCI DSS, NIST 800-171, NIST 800-53, CMMC, Common Criteria, ISO27001, ISO27002
  • Minimum 3 years of experience with IT audit and compliance
  • Prior experience with IT vulnerability management and penetration testing.
  • Prior experience with physical security and data center management.
  • Relevant experience with Incident and Change management.
  • Solid understanding of Microsoft operating systems.Desired Skills and Qualifications:
    • Unique skills or certifications needed to perform essential functions of the job to include one or more from the following groups: CISSP, CISM, CISA, ISP, Cloud Security related certifications
    • Strong written and verbal communicator.
    • Ability to work effectively in both managerial and hands on roles.Travel:This position requires occasional travel to business sites in the US, Canada, and the UK.Physical requirements of the job:
      • Sitting for extended periods of time
      • Some repetitive motions
      • Some physical effort - lifting up to 50 pounds.
      • Occasional varied hours, including working at night or on weekendsNoticeDue to the nature of the programs we deliver for our customers, candidates may need to obtain the relevant security clearance or handle export-controlled material as defined by the role's requirements.Our BenefitsEvery employee is critical to our success, and as such, we offer a range of flexible employee benefits, including:
        • Annual Bonus - Annual Bonus - Performance Related
        • Competitive Paid Time Off (PTO) package plus 11 company holidays
        • Early finish on Friday
        • 401K w/ company match
        • Medical/Dental/Vision Benefits
        • Student Loan Assistance Program
        • Array of voluntary benefit offeringsDiversity, Equity & Inclusion StatementAt Ultra I&C, we are an equal opportunity employer and value diversity and inclusivity. Underpinned by our values, behaviors, and policies, we want you to feel empowered to be the best version of yourself. We also believe that people from different backgrounds and cultures will increase our diversity of thinking, ensuring we successfully deliver to our customers. We, therefore, do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We also support requests for flexible working arrangements wherever possible. If you have any issues with your application, please email us at .Reasonable accommodation statement: if you need accommodation for any part of the application process, please email .We abide by the requirements of 41 CFR 60-1.4(a), 60.300-.5 (a), and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity, or national origin and for inquiring about, discussing, or disclosing compensation. Moreover, these regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Keywords: Ultra Global Business Services, Austin , Chief Information Security Officer, Executive , Austin, Texas