Incendia Partners

Chief Information Security Officer - Southern NH- Hybrid

Incendia Partners, Nashua, New Hampshire, US, 03062

We are looking to expand our executive leadership team by adding a dedicated Chief Information Security Officer (CISO). This is a hybrid position, with 3 days per week in our Nashua, NH headquarters.

Overview

As a critical member of our leadership team, you will be responsible for protecting our digital assets and data confidentiality, ensuring compliance with cybersecurity regulations, and building a robust security infrastructure to prevent potential threats. The ideal candidate is an experienced cybersecurity leader with a strong background in information security and risk management, and a proven ability to lead cybersecurity teams. We are targeting a strategic cybersecurity professional and a visionary seeking a challenging role where s/he can become a key player in protecting our organization's future.

Objectives

- Leading the development and implementation of the information security strategy.
- Overseeing the protection of company data, intellectual property, and technology assets from cyber threats.
- Developing and enforcing security policies, procedures, and protocols that align with business goals and regulatory requirements.
- Identifying and mitigating security risks, ensuring the organisation remains resilient against emerging threats.
- Ensuring the company’s compliance with industry standards and regulations.
- Managing security audits, compliance assessments, incident response processes, and investigating security breaches.
- Collaborating with cross-functional teams to integrate security measures into the company’s IT and business operations.

Responsibilities

- Enterprise Security Leadership: Own the overall security strategy for internal systems, networks, and data assets across the enterprise.
- MSP & Hosting Security: Design and enforce robust security controls for Managed IT and hosting services, ensuring compliance with industry and national standards and requirements.
- SaaS & Product Security: Support application and public cloud stack security for internal solutions, embedding “security by design,” and supporting DevSecOps cultural transformation.
- Cloud Security Architecture: Ensure secure architecture around integration between public cloud, private cloud, and IT systems. Champion and govern identity and access management (IAM), encryption standards, zero-trust frameworks, and secure DevOps practices. Lead efforts to harden APIs, integrations, and third-party connectors through audit and testing of internal technology systems.
- Customer & Industry Engagement: Act as the company’s external security authority, engaging with customers, partners, and industry groups to represent the company as a thought leader in cybersecurity for accounting professionals. Partner with Sales and Customer Success to reassure large enterprises and key customers about data protection and continuity of service. Be a strong voice at the table on our behalf with our customers. Lead and listen, bringing industry perspective and expertise to the table. Partner with product engineering, infrastructure, and operations teams to integrate security practices into development pipelines. Identify areas of opportunity for our organization to improve.
- Governance, Risk & Compliance (GRC): Establish and lead the company’s GRC programs, policies, and risk management frameworks. Ensure adherence to applicable regulations and certifications.
- Security Incident Response & Resilience: Build and maintain robust security incident detection, response, and recovery plans; lead post-mortem analyses and continuous improvement initiatives.
- Security Operations & Monitoring: Oversee 24/7 security operations, including threat intelligence, vulnerability management, and monitoring of cloud and MSP environments.
- Lead Operations of Security Products and Systems: Oversee implementation of customer-facing security solutions, including endpoint management and office management.
- Team Leadership: Build and mentor a high-performing security team, developing leadership capacity and instilling a culture of proactive risk management. Engage as a senior leader in our organization, mentoring engineering and infrastructure leaders, and contributing to enterprise architecture strategy.
- Develop, implement, and maintain a comprehensive security program that includes cyber defence, data protection, and security operations.
- Conduct risk assessments, identify vulnerabilities, and prioritise remediation efforts to reduce risk exposure.
- Oversee security incident detection, response, and recovery, ensuring swift mitigation of potential breaches.
- Manage the security architecture, tools, and technologies deployed across the organisation’s IT infrastructure.
- Coordinate with legal, compliance, and regulatory teams to ensure compliance with data protection laws, such as GDPR and HIPAA.
- Monitor security metrics and report on the organisation’s security posture to executive leadership.
- Lead security awareness training programs for employees to promote a culture of cybersecurity across the organisation.
- Stay updated on cybersecurity trends, technologies, and best practices to enhance security measures proactively.

Required Skills And Qualifications

- Bachelor’s degree in Information Security, Computer Science, or a related field.
- 10+ years of demonstrable experience as a Chief Information Security Officer or in a similar senior-level cybersecurity role.
- Extensive knowledge of information security principles, cybersecurity frameworks (e.g., NIST, ISO 27001), and risk management practices.
- Working knowledge of security auditing, vulnerability assessments, and risk mitigation.
- Experience with security technologies such as firewalls, intrusion detection systems, SIEMs, and encryption protocols.
- Solid knowledge of data privacy regulations and compliance requirements.
- Ability to develop and implement complex security strategies.
- Strong leadership and communication skills, with the ability to influence decision-making at the executive level.
- Strong analytical and problem-solving skills with a keen eye for identifying potential risks and vulnerabilities.
- Ability to manage a team of security professionals and work cross-functionally with IT, legal, and compliance teams.

Preferred Skills And Qualifications

- Master’s degree in Cybersecurity, IT, or related fields.
- Relevant certifications in cybersecurity, such as CISSP, CISM, or CISA.
- Experience with cloud security and securing cloud infrastructure.
- Familiarity with incident management and disaster recovery planning.
- Knowledge of ethical hacking and penetration testing techniques.
- Background in regulatory compliance and data privacy laws in the industry.
- Hands-on experience with SIEM tools, firewalls, and intrusion detection systems.
- Expertise in secure software development and DevSecOps practices.
- Understanding of artificial intelligence and machine learning applications in security.

Seniority level

Executive

Employment type

Full-time

Job function

Information Technology

Industries

Staffing and Recruiting
