You will be responsible for developing, implementing, and monitoring a strategic, comprehensive cybersecurity and compliance management program. You will provide the guidance necessary to manage the risk to the organization and will ensure business alignment, system and product availability, integrity, and confidentiality. You will implement, monitor, and maintain the processes and tools necessary to ensure a secure environment.
- Develop strategies to optimize the organization’s security posture and support enabling solutions.
- Define and measure the execution of the cybersecurity strategies. Ensure fulfillment of legal and contractual information security and privacy mandates, including providing management with compliance reports and audit findings.
- Develop and implement organizational security policy and procedure.
- Facilitate the delivery of accurate and timely information during audits, regulatory exams, and customer requests by building the assurance and evidence into cybersecurity operations.
- Manage cybersecurity tools, documentation, standards, and processes to ensure an operating environment that conforms with policy and regulatory compliance requirements.
- Monitor security controls, audit devices, and detect possible security threats, vulnerabilities, and incidents.
- Investigate current cybersecurity trends/threats and provide IT leadership with timely communication updates.
- Research, recommend and develop security and risk mitigation solutions.
- React and respond to security incidents by coordinating with the appropriate internal teams and, if necessary, external authorities, legal professionals, and contracted security consulting firms.
- Oversee and provide guidance to all DPO activities.
Experience & Qualifications
- 3+ years of enterprise cybersecurity or relevant technology/risk management experience.
- 1+ years of experience directing the activities of others.
- CISSP or other industry standard security certifications highly desirable. If not currently certified, you have the ability to attain certification within 12 months of hire.
- In-depth understanding of US and EU data protection laws.
- In-depth understanding and/or experience implementing and measuring cybersecurity maturity with NIST, ISO, SOC2 or other industry standard security focused frameworks.
- Experience implementing and managing industry standard security hardware and software appliances and tools.
- Experience analyzing and interpreting system, security, and application logs to diagnose faults and spot abnormal behaviors.
- Comprehensive understanding of information security technologies and methodologies, information technology auditing, and business continuity management.
- Advanced knowledge of data security administration principles, methods, and techniques including firewalls, network, and intrusion detection systems.
Sonic Foundry is an Equal Opportunity Employer
We are an equal opportunity employer that values diversity at all levels. All individuals, regardless of personal characteristics, are encouraged to apply. Diversity and inclusion are both embraced and are a recognized business advantage. We do not discriminate based on race, color, ethnicity, ancestry, national origin, religion, sex, gender, gender identity, gender expression, sexual orientation, age, disability, veteran status, genetic information, marital status or any legally protected status. Sonic Foundry uses E-Verify to confirm the employment eligibility of all newly hired employees. To learn more about E-Verify, including your rights and responsibilities, please visit https://www.e-verify.gov/. Employment is contingent upon passing a background check.
Thank you for your interest in Sonic Foundry!