Job Description

Direct message the job poster from iO Associates - US Senior Delivery Consultant - Software Development Advocate iO Associates are currently partnered with a software development organization with 600 users and 4,000 endpoints (including 3,000 servers.) They are currently using CrowdStrike managed services for EDR/MDR but needs strong internal leadership to guide incident response and overall security posture. They are looking for a Chief Information Security Officer to join their team. This is a fully remote opportunity with a February start. Open to U.S citizens and Greencard holders. Key Responsibilities: Strategic Security Leadership Act as the interim executive in charge of the organization's overarching security strategy and roadmap. Report to executive leadership and potentially the board on security posture, risk, and strategic initiatives. Proactively assess emerging threats and recommend strategic mitigations that align with business goals. Security Operations & Incident Response Provide oversight for daily security operations, including configuration and management of the CrowdStrike EDR/MDR environment. Investigate, triage, and coordinate incident response activities. Be on-call and available to handle urgent security events, potentially including evening wake-up calls in serious situations. Risk Management & Policy Review, refine, and enforce security policies, procedures, and controls to address vulnerabilities and regulatory requirements. Conduct periodic risk assessments to identify and prioritize mitigation strategies. Liaise with third-party vendors and partners (e.g., managed security providers, IR firms) to ensure contractual obligations are met. SOC 2 Compliance & Governance Collaborate with an external SOC 2 consultant to drive compliance efforts, ensuring timely evidence collection and control implementation. Serve as the point person for internal teams on governance frameworks (NIST CSF, ISO 27001) to maintain and improve security posture. Plan and execute a roadmap for sustainable compliance beyond the immediate SOC 2 scope. DevOps & Product Security Integrate security best practices into a heavy DevOps environment, ensuring secure deployment pipelines and cloud-native architectures. Provide guidelines for secure coding, containerization, and CI/CD pipeline security. Mergers & Acquisitions Strategic guidance on security considerations for any ongoing or future M&A activities. Conduct security due diligence, integrate security processes post-acquisition, and mitigate associated risks. Team Development & Cross-Functional Leadership Mentor the existing IT/security staff, building their skills and confidence in handling security tasks. Work collaboratively with development, operations, and executive stakeholders to align security objectives with business priorities. Champion a security culture across the organization through training and awareness programs. Required Qualifications & Experience Security Leadership 5+ years of progressive experience in information security, including at least 2+ years in a leadership (Director, Sr. Manager, or CISO) capacity. Proven track record of aligning security strategy with overall business objectives. Security Operations & Incident Response Strong hands-on experience with CrowdStrike or comparable endpoint security solutions. Demonstrable ability to lead complex incident response processes, including off-hours escalation. Compliance & Auditing Direct experience with SOC 2 (and ideally other frameworks like NIST, ISO 27001). Understanding of governance, risk, and compliance (GRC) principles and their practical application. DevOps & Cloud Security Familiarity with CI/CD pipelines, container security (e.g., Docker, Kubernetes), and cloud platforms (AWS, Azure, or GCP). Ability to advise on best practices for secure software development and infrastructure as code. Mergers & Acquisitions Hands-on involvement in at least one M&A security integration or due diligence effort. Company Scale Direct experience in smaller organizations ( Exposure to larger enterprises (5,000+ employees) to ensure familiarity with mature processes and governance. Consulting & Communication 3+ years of consulting experience (major integrator or incident response firm preferred). Strong communication skills to interact with both technical teams and executive leadership. Education & Certifications Bachelor's degree in Information Security, Computer Science, or related field (or equivalent experience). Industry-recognized certifications (CISSP, CISM, GIAC, etc.) strongly preferred. Apply now or email to set up a chat to connect further. Seniority level Executive Employment type Full-time Job function Information Technology Industries Technology, Information and Internet #J-18808-Ljbffr iO Associates - US

Job Tags

Similar Jobs