Job Specifications
We are looking to add a dedicated Chief Information Security Officer (CISO) to our executive leadership team.
This is a hybrid position, with 3 days per week in our Nashua, NH headquarters.
Overview
As a critical member of our leadership team, you will be responsible for protecting our digital assets and data confidentiality, ensuring compliance with cybersecurity regulations, and building a robust security infrastructure to prevent potential threats. The ideal candidate is an experienced cybersecurity leader with a strong background in information security, risk management, and a proven ability to lead cybersecurity teams.
We are targeting a strategic cybersecurity professional and a visionary seeking a challenging role where s/he can become a key player in protecting our organization's future.
Objectives
Leading the development and implementation of our information security strategy.
Overseeing the protection of company data, intellectual property, and technology assets from cyber threats.
Developing and enforcing security policies, procedures, and protocols that align with business goals and regulatory requirements.
Identifying and mitigating security risks, ensuring the organisation remains resilient against emerging threats.
Ensuring the company’s compliance with industry standards and regulations.
Managing security audits, compliance assessments, incident response processes, and investigating security breaches.
Collaborating with cross-functional teams to integrate security measures into the company’s IT and business operations.
Responsibilities
Enterprise Security Leadership: Own the overall security strategy for internal systems, networks, and data assets across the enterprise.
MSP & Hosting Security: Design and enforce robust security controls for Managed IT and hosting services, ensuring compliance with industry and national standards and requirements.
SaaS & Product Security: Support application and public cloud stack security for internal solutions, embedding “security by design,” and supporting DevSecOps cultural transformation.
Cloud Security Architecture: Ensure secure architecture around integration between public cloud, private cloud, and IT systems.
Champion and govern identity and access management (IAM), encryption standards, zero-trust frameworks, and secure DevOps practices.
Lead efforts to harden APIs, integrations, and third-party connectors through audit and testing of internal technology systems.
Customer & Industry Engagement: Act as the company’s external security authority, engaging with customers, partners, and industry groups to represent the company as a thought leader in cybersecurity for accounting professionals.
Partner with Sales and Customer Success to reassure large enterprises and key customers about data protection and continuity of service. Be a strong voice at the table on our behalf with our customers. Lead and listen, bringing industry perspective and expertise to the table.
Partner with product engineering, infrastructure, and operations teams to integrate security practices into development pipelines. Identify areas of opportunity for our organization to improve.
Governance, Risk & Compliance (GRC): Establish and lead the company’s GRC programs, policies, and risk management frameworks. Ensure adherence to applicable regulations and certifications.
Security Incident Response & Resilience: Build and maintain robust security incident detection, response, and recovery plans; lead post-mortem analyses and continuous improvement initiatives.
Security Operations & Monitoring: Oversee 24/7 security operations, including threat intelligence, vulnerability management, and monitoring of cloud and MSP environments.
Lead Operations of Security Products and Systems: Oversee implementation of customer-facing security solutions, including endpoint management and office management.
Team Leadership: Build and mentor a high-performing security team, developing leadership capacity and instilling a culture of proactive risk management. Engage as a senior leader in our organization, mentoring engineering and infrastructure leaders, and contributing to enterprise architecture strategy. Develop, implement, and maintain a comprehensive security program that includes cyber defence, data protection, and security operations.
Conduct risk assessments, identify vulnerabilities, and prioritise remediation efforts to reduce risk exposure.
Oversee security incident detection, response, and recovery, ensuring swift mitigation of potential breaches.
Manage the security architecture, tools, and technologies deployed across the organisation’s IT infrastructure.
Coordinate with legal, compliance, and regulatory teams to ensure compliance with data protection laws, such as GDPR and HIPAA.
Monitor security metrics and report on the organisation’s security posture to executive leadership.
Lead security awareness training programs for employees to promote a culture of cybersecurity across the organi
About the Company
Incendia Partners: Your Trusted Staffing and Recruiting Solution. Recognized by Forbes, ClearlyRated, and Inc. 500, Incendia Partners is a leading recruitment firm with over 20 years of experience. We connect top talent with businesses through full-time, contract, contract-to-hire, and project-based placements.
What We Offer:
* Efficient Staffing - A streamlined hiring process for quick and effective placements.
* Diverse Industries - Specializing in Software & IT, Accounting & Finance, Human Resources, and more.
* Personali...