Serve as the primary contact for client information security programs, interfacing with executive teams and business leaders in person at the client’s headquarters.
Develop custom cybersecurity programs and drive cybersecurity initiatives that support regulatory requirements, risk appetite, budget targets, and desired outcomes.
Leads monthly, quarterly, and annual presentations of risk management initiatives among client technical resources, key stakeholders, senior management, and board of directors.
Review status of security services via regular reports to identify areas in need of attention by Ascend, and present findings to client stakeholders.
Guide client infosec strategy for addressing gaps and implementing controls found in their desired security framework.
Manage and measure clients’ security and/or compliance programs.
Understand compliance and controls to help guide clients' efforts to fully address their requirements and gather evidence in preparation for audit.
Draft and implement security policies for client organizations.
Conducts third-party risk assessments to identify technical, operational, and compliance risks and recommend risk reduction strategies.
Work with the Ascend Cybersecurity Leadership to identify Ascend services required to address security needs of clients.
Oversees the delivery of cybersecurity engineering services such as vulnerability management, endpoint protection, privilege and identity management, network security, etc.
Facilitate change, knowledge, and team understanding of the client environment and needs as priorities shift.
Actively monitors evolving threats and compliance changes and communicates findings to both Ascend and client stakeholders.
Leads cybersecurity training and tabletop exercises.

Requirements

5+ years leading information security programs and initiatives
5+ Years experience in cybersecurity, and framework alignment (CMMC, DFARS, NIST 800-171, NIST CSF, HIPAA, FDIC, GLBA, ISO 27001/2, CIS, etc.)
5+ Years of strong working knowledge of system, application, network, cloud, and data security best practices
Experience preparing for compliance audits including one or more of the following SOC2, CMMC, FDIC, or HITRUST.
One or more of the following certifications: CISSP, CISA, CISM, CRISC, GLSC, GSTRT, or equivalent.
BA/BS degree or an equivalent combination of education and experience – preferably advanced degree in related field.
Demonstrable track record of accomplishment and success.
Excellent problem solving, decision-making, communication and team building skills.
Proven experience with engaging executive level leadership to influence and provide strategic insight.

Benefits

health, dental, and vision insurance
retirement savings options
flexible time off (FTO)
professional development opportunities

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

cybersecurity programsrisk managementsecurity policiesthird-party risk assessmentsvulnerability managementendpoint protectionprivilege managementnetwork securitycompliance auditssecurity framework alignment

Soft skills

problem solvingdecision-makingcommunicationteam buildinginfluencingstrategic insightclient engagementpresentation skillschange facilitationknowledge sharing

Certifications

CISSPCISACISMCRISCGLSCGSTRT