• CISO

    ID
    2018-3042
    Pos. Category
    Executive
    Location : City
    Salt Lake City
    Location : State/Province
    UT
    Created Date
    8/9/2018
    Type
    Regular Full-Time
  • Overview

    Want to work on a world-class team building life-changing financial products? Let me introduce you to Progrexion – that’s what we do every day.

     

    Based in downtown Salt Lake City, our team builds industry leading services that help consumers access, understand, and verify their credit reports are fair, accurate, and substantiated. Our services power the technology behind Lexington Law (an independently owned law firm), Credit.com, and CreditRepair.com.  And the good news? We have a lot of fun while we do it.

     

    The CISO must be both strategic and tactical while acting as a conduit between the business and IT.  This individual will have strong strategy and program skills to ensure Progrexion’s client information is safe at all times.  Our ideal candidate will not only have a high business acumen, but will also have a technical background and ability to convey technical information into business terms.

    Responsibilities

    • Develop, implement and monitor a strategic, comprehensive enterprise information security and risk management program to predict, prevent, detect and respond to threats and risks
    • Manage the enterprise's information security organization, consisting of direct reports and indirect reports. This includes hiring, training, staff development, performance management and annual performance reviews
    • Ensure ongoing analysis of information security threats, vulnerabilities, and market trends. Identify and contain emerging threats before they can have a negative impact on business operations
    • Develops and maintains an information security risk mitigation plan, including leading the security incident response team in prevention, investigation, mitigation and reporting activities
    • Ensure technology solutions adhere to best practices and meet security requirements, including Software-as-a Service (SaaS) contracts, Infrastructure-as-a-Service (IaaS) contracts, Platform-as-a-Service (PaaS) contracts and customized software development solutions

    Qualifications

    • 15+ years of experience in Information Security, with a record of increased responsibilities and duties.
    • Expert-level understanding of today’s threat landscape and information security architectures, as well as applicable laws, regulations, and compliance frameworks (SSAE 16, PCI-DSS, NACHA, etc.).
    • CISSP, CISM, GIAC or other InfoSec certifications required.
    • In-depth knowledge of information security practices and controls in areas including Data Protection, Identity and Access Management, Incident Response, Threat and Vulnerability Management, Intrusion Detection Systems, Event Log Management, End-Point Protection, Data Loss Prevention, Encryption and Firewalls, etc.
    • Partner with all areas of the company to educate them on the importance of a strong program, work to develop solutions to achieve company’s objectives, and incorporate security into how we do business.
    • Communicate with senior management of the status and direction of the program.

    #CB

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply? Connect with us for general consideration.