Required Skills: Perimeter/Endpoint Security, Vulnerability Management, GRC/BCP/DR, IAM/UAM, SOC, Cybersecurity strategy, firewalls, EDR, DLP, MDM, web and email security platforms, CISSP, CISM, CISA, CRISC
Job Description
Job Title: Director of Security/CISO
Location: Remote
Duration: 6-month contract
It’s remote. They really want someone occasionally onsite in El Segundo, but I will accept anyone in CA.
Looking for someone in SOCAL, but I would say anyone in CA. The duration is 6 months and could be a contract to hire. Below is a high-level overview of what is going on from a security perspective.
The Director of Security / CISO is responsible for developing, implementing, and managing the organization’s enterprise-wide cybersecurity strategy. This role oversees all critical domains of security including perimeter and endpoint protection, vulnerability management, governance/risk/compliance (GRC), identity and access management (IAM), user activity monitoring, and the 24x7 security operations center (SOC). The CISO ensures the confidentiality, integrity, and availability of information systems while aligning security initiatives with business objectives.
Key Responsibilities:
Leadership & Strategic Planning
- Lead the Information Security function across all service areas: Perimeter/Endpoint Security, Vulnerability Management, GRC/BCP/DR, IAM/UAM, and SOC.
- Develop and implement a comprehensive, risk-based cybersecurity strategy.
- Communicate security posture and risk to executive leadership and the board of directors.
Security Operations & Architecture (24x7)
- Oversee Perimeter and Endpoint Security services, ensuring continuous monitoring, incident prevention, and response capabilities are in place.
- Manage next-generation firewalls, EDR, DLP, MDM, and web/email security platforms.
Vulnerability & Risk Management (8x5)
- Direct the vulnerability management program, including assessments, remediation tracking, and reporting.
- Integrate configuration compliance and patch management into the overall risk management framework.
Governance, Risk, Compliance & Resilience (8x5)
- Maintain GRC tools and processes; support internal and external audit efforts.
- Lead Business Continuity Planning (BCP) and Disaster Recovery (DR) initiatives.
- Ensure data classification, retention, and records management policies are adhered to.
Identity & Access Management (IAM – 16x5, UAM – 24x7)
- Govern access lifecycle processes including provisioning, RBAC, and PAM solutions.
- Oversee 24x7 user activity monitoring and insider threat detection.
Security Operations Center (SOC – 24x7)
- Lead the SOC team to detect, triage, and respond to security incidents.
- Define and track key performance indicators (KPIs) and metrics for alert handling and threat response.
- Integrate threat intelligence and SIEM technologies to improve detection capabilities.
Compliance & Awareness
- Ensure compliance with relevant regulations (e.g., GDPR, HIPAA, SOX, ISO 27001).
- Promote a security-aware culture through training, phishing campaigns, and simulated attacks.
Qualifications:
- Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Systems, or related field.
- 10+ years of experience in Information Security, with 5+ in a leadership or executive role.
- Industry certifications preferred: CISSP, CISM, CISA, CRISC, or equivalent.
- Proven track record in building and leading security programs at scale.
- Strong knowledge of current threat landscape, security frameworks, and controls (NIST, ISO, COBIT).
- Exceptional leadership, communication, and stakeholder management skills.