We are looking for an innovative Chief Information Security Officer (CISO), reporting to the Chief Information and Technology Officer, to join our IT team!
The global church is quickly moving towards more digital ministry solutions. LifeWay is hitting the gas pedal and moving towards creating cutting-edge, trustworthy resources for churches. Our next Chief Information Security Officer (CISO) will help lead us into this new season.
LifeWay Christian Resources, headquartered in Nashville, TN, seeks an experienced, engaging, and visionary Chief Information Security Officer (CISO) who wants to become part of an exciting, vibrant community of information technology professionals supporting LifeWay’s diverse business.
The CISO is an advocate for Lifeway’s total information security needs and is responsible for the development and delivery of a comprehensive information security strategy to optimize the security posture of the company. They will lead the development and implementation of a security program that leverages collaborations and company-wide resources, facilitates information security governance, advises senior leadership on security direction and resource investments, and designs appropriate policies to manage information security risk. The complexity of this position requires a leadership approach that is engaging, imaginative, and collaborative, with a sophisticated ability to work with other leaders to set the best balance between security strategies and other priorities at an operations level. This person is expected to be a hands-on leader.
- Work closely with LifeWay leadership on the development, implementation and enforcement of an Information Security strategy.
- Perform IT risk assessments, audits, and security incident investigations.
- Administer security programs and procedures.
- Establish annual and long-range security and compliance goals, define security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements.
- Work closely with various business leaders on addressing security vulnerabilities.
- Provide guidance and counsel to key members of the company’s leadership team, working closely with senior executives, managers, and business leaders in defining objectives for information security, while building relationships and goodwill.
- Keep abreast of security incidents and act as primary control point during significant information security incidents.
- Develop, implement and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk.
- Provide leadership, direction and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies.
- Examine impacts of new technologies on Lifeway’s overall information security. Establish processes to review implementation of new technologies to ensure security compliance.
- Lead the development and implementation of effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation.
- Lead efforts to internally assess, evaluate and make recommendations to leadership regarding the adequacy of the security controls for Lifeway’s information and technology systems.
- Bachelor’s Degree in Computer Science, Engineering, or MIS. Master’s Degree preferred
- 10+ years of experience leading teams in information security
- CISSP or CISM certification
- 10+ years of experience with information security enterprise technology such as: Firewalls, SIEM, DLP, VPN, DMZ, MFA, WAF, Intrusion Detection/Prevention, Encryption, Anti-virus, Anti-Malware, SOC operations, forensics, identity management, etc.
- Deep understanding of existing security tools and capabilities
- Hands-on experience leading or working in a Security Operation Center
- Proven track record of building and managing a Cyber organization
- Excellent understanding of security architecture and design principles
- Excellent understanding of Identity Management governance, provisioning, and federation
- Excellent understanding of authentication and authorization policies, procedures and technologies
- Excellent understanding of security best practices including: ISO 17799/27001/27002, NIST Cybersecurity Framework