Information Security Engineer

Job Description

Nonfat Media is seeking a dynamic and experienced Information Security Engineer to join our organization. The position full time, permanent and REMOTE. Candidates must be authorized to work in the US and reside in California. The ISE will be responsible for developing and implementing robust cybersecurity strategies, policies, and practices to safeguard our organization's information assets and ensure the integrity, confidentiality, and availability of our data.

Responsibilities:

Cybersecurity Strategy and Leadership:

- Develop and lead the implementation of the organization's cybersecurity strategy, ensuring alignment with business objectives.

- Provide strategic direction and vision to the cybersecurity team, fostering a culture of security awareness and compliance throughout the organization.

Risk Management:

- Conduct regular risk assessments to identify and prioritize cybersecurity risks.

- Develop and implement risk mitigation strategies and controls to safeguard the organization against potential threats.

Security Governance:

- Establish and maintain effective security governance frameworks, policies, and procedures.

- Ensure compliance with relevant laws, regulations, and industry standards related to information security.

Incident Response and Management:

- Develop and maintain an incident response plan, including coordinating the response to cybersecurity incidents.

- Conduct post-incident analysis to identify root causes and recommend improvements to prevent future incidents.

Security Architecture and Design:

- Collaborate with IT and business units to integrate security best practices into the design and development of systems and applications.

- Ensure the continuous evaluation and enhancement of security architecture to address emerging threats.

Security Awareness and Training:

- Implement a comprehensive security awareness program for employees, promoting a security-conscious culture.

- Provide training on cybersecurity best practices and conduct regular drills to test the organization's readiness for security incidents.

Vendor and Third-Party Risk Management:

- Oversee the assessment and management of cybersecurity risks associated with third-party vendors and partners.

- Ensure that vendors adhere to the organization's security standards and policies.

Security Monitoring and Reporting:

- Implement and manage security monitoring tools and processes to detect and respond to security events.

- Generate regular reports on the organization's cybersecurity posture and incidents for executive leadership.

Qualifications:

- Bachelor's or Master's degree in Information Security, Computer Science, or a related field.

- Proven experience in a cybersecurity leadership role.

- Industry certifications such as CISSP, CISM, or CISA are highly desirable.

- Strong understanding of cybersecurity technologies, risk management, and compliance.

- Excellent leadership, communication, and interpersonal skills.

Please do not contact the employer directly***************************************

Jobcode: Reference SBJ-dyn913-3-15-219-217-42 in your application.