Chief Information Security Officer
- Charlotte, NC, USA
- Employees can work remotely
- Department: Legal
At Brightspeed, we are reimagining how people live, work, play and connect by providing fast, reliable internet connections and an awesome customer experience in twenty states throughout the Midwest and South.
Backed by private equity firm Apollo Global Management, our vision is to accelerate the upgrade of copper to fiber optic technologies, bringing faster and more reliable internet service to many rural markets traditionally underserved by broadband providers, while delivering best-in-class customer experience.
Be a part of the team that will make this vision a reality….designing and building a world class fiber network and creating a customer experience second to none.
We are currently searching for a Chief Information Security Officer (CISO) to join our growing team! As Brightspeed’s CISO, you will be responsible for establishing and maintaining an information risk management program to ensure information assets are adequately protected. Reporting to the EVP & Chief Legal Officer, you are responsible for identifying, evaluating, and protecting against and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise. As CISO, you must be a proven leader with strong skills in business management and working knowledge of information and cyber security technologies. You will proactively work with our business units and stakeholders to implement practices that meet defined policies and standards for information security. You will foster relationships with leaders across the business and divisions while collaborating with partners in security, legal, risk, compliance, business unit technology, and shared service technology groups. Because of the strong connection between information security and the other aspects of security, as CISO you will have a dotted line relationship into the EVP & Chief Technology Officer and will also participate in a variety of business-wide risk management activities.
As Brightspeed’s CISO, you will serve as the process developer and owner of all ongoing activities related to the availability, integrity and confidentiality of customers, business partners, employees, and business information in compliance with the organization’s information security policies. To be successful in this role, you should be knowledgeable about the business environment and will work with IT to provide advice to ensure that systems, network infrastructure, including Cloud, are maintained in a secure and fully functional mode.
To be our ideal candidate, you will have a track record of being effective as a business enabler and an integrator of people, process, and technology. You have competency in the field of information security with direct experience in a significant leadership role overseeing operations related to security policy and Governance Risk and Regulatory Compliance functions. You must ultimately be a relationship builder with the savvy to learn and understand our unique business and make recommendations most fitting to the business.
As Chief Information Security Officer, you will:
- Establish and maintain an enterprise-wide Cyber Security program that ensures the availability, integrity, and confidentiality of our information assets
- Work with executive management and our Information Risk Committee to determine acceptable levels of risk for the organization to sustain a strategic, comprehensive enterprise information security and risk management program to ensure the integrity, confidentiality and availability of information owned, controlled, or processed by the organization
- Collaborate with key partners in security, IT, operations, and divisional technology business units to develop a company-wide, risk-based information security strategy and action plans
- Work with Audit, Information Technology organizations, and business units’ enterprise-wide to establish and direct appropriate policies, processes, and controls; enforce established policies and procedures; work with senior management to assist with planning for compliance; coordinate communication of security and privacy policies to the enterprise
- Develop, document, and manage comprehensive information security standards, policies, procedures, and guidelines
- Conduct periodic assessment and analysis of the enterprise’s Cyber and Information Security risks to identify, measure, control, and minimize loss by reporting and adjustments to the program and safeguards
- Work with the enterprise Information Technology organizations in the appropriate Information Security services, mechanisms, technologies and features to satisfy information system security policies and requirements to meet the business and Information Security needs of the enterprise Key areas: Computing platform architecture, network environment, enterprise architecture, security models, and protection mechanisms
- Ensure information security risks in both ongoing and planned operations are properly considered and that all compliance matters are being adhered to as required
- Closely monitor emerging information security threats, assess the company’s risk exposure to them, implement mitigating measures and communicate this information to key stakeholders on a timely basis
- Establish and maintain policy and verify implementation, monitoring, reporting, and escalation of suspected and real Information Security incidents and anomalies
- With the appropriate Brightspeed stakeholders, define which types of confidential information are required to be or should be protected with cryptography and establish and maintain policy and verify implementation of suitable encryption controls to protect such information
- Establish and maintain policy and verify implementation of controls for networks, Cloud, telecommunications, and Internet access that preserve investments in technology, human capital, and confidentiality, maintaining trustworthy and accurate data, and ensuring a sustainable level of trust in the automated systems used to collect, store, and disseminate accurate, reliable information
- Conduct regular and ongoing monitoring of and reporting on company-wide compliance with information security standards and policies
- Work closely with the Chief Security Officer on relevant incidents and overall processes and procedures
- Advise Brightspeed executives and enterprise Information Technology senior management regarding Information Security and data protection policies and practices
WHAT IT TAKES TO CATCH OUR EYE:
- Bachelor’s Degree in Computer Science, Cybersecurity, Information Systems or related discipline required
- 10+ years of progressive leadership experience in information security, including experience with IT Systems, network infrastructure, Cloud technology and security issues - information security experience within the Telecommunications and Internet industry is strongly preferred
- Possess strong legal, policy, technical, customer and business skills and will have operated in a similar organization
- Experience in partnering with business units to understand, actively shape and support business needs as an effective enabler who can protect the business while avoiding unnecessary obstacles
- Possess a deep security knowledge base gained in fast paced, change minded environments
- Experience with information system disaster recovery planning and testing, auditing, risk analysis, business system resumption planning, and contingency planning
- Business system continuity planning, auditing, and risk management experience as it relates to information security
- Must be a superb relationship builder with the ability to work across groups within a global organization
- Excellent written and verbal communication skills; interpersonal collaborative skills; and the ability to communicate security and risk-related concepts to technical and non-technical audiences
- Must be an intelligent, articulate, consensus building and persuasive leader who can serve as an effective member of the senior management team and communicate information security-related concepts to a broad range of technical and non-technical team members at all levels of the organization
BONUS POINTS FOR:
- Master’s Degree in Computer Science, Cybersecurity, Information Systems or Juris Doctor
- Information Security certification such as the Certified Information Security Manager Certification (CISM) or other related certifications
- Certified Information Systems Security Professional Certification (CISSP)
- Telecommunications and Internet industry experience
WHY JOIN US?
We aspire to contemporary ways of working.
We are committed to being a leader in defining a new way to work because we recognize the changing mindset of today's workforce. We meet you where you are...wherever you are, by providing sensible remote and hybrid work arrangements. Why? Because our purpose is to reimagine how people work, learn, play and connect!
We offer competitive compensation and comprehensive benefits.
Our benefits and paid time off programs reflect our underlying belief in promoting overall wellness through physical, emotional and financial health. We are committed to building a team as diverse as the customers we serve.
Diversity, equity and inclusion are at the center of our grounding belief in Being Real.
When we bring our authentic selves to work, everyone is better as a result. A diverse team helps us be fierce advocates for more accessible, inclusive and high-quality internet, because we believe doing so promotes equity in the communities we serve.
Brightspeed is an Equal Opportunity Employer
Please be advised that Brightspeed (Connect Holding LLC) requires its employees to be fully vaccinated against COVID-19, subject to the Company’s legal obligations including potentially accommodating an employee’s sincerely held religious beliefs or medical condition.