Director of Information Security (CISO)
2530 Arnold Drive Suite 300 Martinez, CA 94553 | Contract-to-Hire
ROLE: Director of Information Security
LOCATIONS: Martinez, CA
INDUSTRY: Hospital and Healthcare
Bayside Solutions is seeking a highly practiced Director of Information Security (CISO) to be part of our client’ s security team in Martinez CA. The candidate will provide active leadership for security programs for our client that are designed to provide for the confidentiality, integrity, and availability of data, physical, and virtual assets.
Our Company Bio: Bayside Solutions was founded in 2001, Bayside was recognized as one of the fastest growing professional staffing companies in Northern California. The numbers tell the story: We have close to a 100% client retention rate, 700% growth in four plus years and over 95% repeat business. Our dedication to building partnership relationships with both our clients and our recruits is the key to our phenomenal success.
Principal duties include but are not limited to:
- Coordinates and directs as required technology and security efforts to maintain compliance with applicable Federal, State, Local and industry regulations
- Maintains high compliance for system OS and application patching for assets within 6 weeks of patch release
- Work with our client, the County, and Industry to deliver an operationally functional and secure technology platforms for services delivered by our client
- Plans, organizes, schedules, and completes budgets, projects, and policies in an efficient, productive manner
- Develops processes to secure externally hosted applications and data sets
- Bachelor’ s Degree (required) Master’ s Degree (preferred) in a STEM related field.
- Honesty and Integrity is a critical competency and characteristic of any role. This is manifested by not cutting corners ethically, earns organization trust and maintains confidentiality.
- Handles sensitive matters with discretion and maintains confidentiality
- Communicates professionally by speaking in terms the audience understands.
- Speaks and writes clearly, concisely and Meets deadlines and commitments
- Able to complete work efficiently and learn new technologies and methodologies quickly
- Able to lead the analysis, design and implementation of IT security solutions
- Prior experience conducting vulnerability and risk assessments to identify IT system compromises/risk/vulnerabilities or potential compromises/risk/vulnerabilities and their sources. Provides recommendations for remediation
- Directs or conducts the review, evaluation, and recommendation of software and hardware products, (e.g., virus scanning and repair, encryption, firewalls, internet filtering and monitoring, intrusion detection).
- Able to structure and process qualitative or quantitative data and draw conclusions or root causes from it.
- Attention to detail -Does not let important details slip through the cracks or derail a project.
- Resolve - Demonstrates perseverance and willingness to go the distance to get something done.
- Proactive - Acts without being instructed on what to do. Brings new and creative ideas to the company.
- Strategic thinking/visioning. Able to see and communicate the big.
- Determines opportunities and threats through comprehensive analysis of current and future trends
- Work ethic.
- Has a track record of working to task completion no matter the difficulty.
- Expects personal performance and team performance to be nothing short of their best effort.
- Teamwork. Reaches out to peers and cooperates with supervisors to establish an overall collaborative working relationship.
- Lead the analysis of system outages, alerts, and/or reports of abnormal system behavior due to suspected security-related events (e.g. viruses, trojan activity, and intrusions)
- Participate in the Countywide Computer Emergency Response Team (CCERT), Departmental Computer Emergency Response Team (DCERT), and or Security Engineering Teams (SET)
- Represent their department in legal matters related to IT systems security.
- Consults with application and software developers to ensure production applications will meet established IT security policies and standards