Chief Information Security Officer

Job TitleChief Information Security Officer (CISO)LocationBirmingham, AL or Chicago, IL — Onsite, in office-based positionReports toChief Financial Officer (CFO) of GVW GroupJob SummaryThe Chief Information Security Officer (CISO) is responsible for establishing and maintaining the enterprise's vision, strategy, and program to ensure information assets and technologies are adequately protected. The CISO is a key leadership role tasked with safeguarding sensitive data, mitigating risks, ensuring compliance, and responding effectively to cybersecurity incidents.Key ResponsibilitiesStrategic LeadershipDevelop, implement, and maintain an enterprise-wide information security strategy and roadmap.Strategic LeadershipAdvise senior management and the Board of Directors on cybersecurity risks, compliance, and emerging threats.Strategic LeadershipAlign security initiatives with business objectives to support growth while managing risk.Risk Management and ComplianceIdentify, assess, and prioritize cybersecurity risks and establish measures to mitigate them.Risk Management and ComplianceEnsure compliance with relevant legal, regulatory, and contractual requirements (e.g., GDPR, HIPAA, CCPA, ISO 27001).Risk Management and ComplianceDevelop and enforce company-wide security policies, procedures, and standards.Cybersecurity OperationsOversee the design, implementation, and maintenance of security infrastructure, including firewalls, intrusion detection systems, and encryption technologies.Cybersecurity OperationsLead the development of incident response plans and oversee their execution in case of security breaches.Cybersecurity OperationsConduct regular audits, risk assessments, and penetration testing to ensure system integrity.Emerging Threats and InnovationMonitor the threat landscape and emerging technologies to proactively address vulnerabilities.Emerging Threats and InnovationDevelop partnerships with industry groups, government agencies, and vendors to stay ahead of cybersecurity trends.Emerging Threats and InnovationOversee security for cloud infrastructure, DevSecOps, and third-party vendors.QualificationsEducation & CertificationsBachelor's degree in Computer Science, Information Technology, or a related field (Master's preferred).Industry certifications such as CISSP, CISM, CISA, or CRISC are highly desirable.Experience10+ years of experience in information security, IT risk management, or related fields, with at least 5 years in a senior leadership role.Proven track record of managing enterprise-level cybersecurity programs.Skills & CompetenciesDeep understanding of cybersecurity frameworks (e.g., NIST, ISO 27001, COBIT).Strong analytical, problem-solving, and decision-making skills.Excellent leadership, communication, and collaboration abilities.Experience in incident response, cloud security, and data protection strategies.Key Performance Indicators (KPIs)Reduction in security incidents and breaches.Compliance with regulatory and internal security standards.Employee cybersecurity awareness scores.Incident response times and recovery rates.Who are we?GVW Group is a dynamic private investment and industrial holding company dedicated since 1993 to growing and starting businesses. We take an entrepreneurial approach to building value for our scalable early stage, high-growth, and mid-sized operating companies by providing strategic expertise and resources. Along the way, we have expanded globally into diverse industries ranging from manufacturing, to technology, distribution, big data, engineering, and energy efficiency.Where will you work?This role will be based in Birmingham, Alabama, or Chicago, Illinois.What do we offer in benefits?We offer an attractive compensation and benefits package, to include base salary, incentive bonus opportunities, and benefits such as medical/dental/vision options, 401K plan, etc. #J-18808-Ljbffr