Chief Information Security Officer

Job TitleChief Information Security Officer (CISO) LocationBirmingham, AL or Chicago, IL — Onsite, in office-based position Reports toChief Financial Officer (CFO) of GVW Group Job SummaryThe Chief Information Security Officer (CISO) is responsible for establishing and maintaining the enterprise's vision, strategy, and program to ensure information assets and technologies are adequately protected. The CISO is a key leadership role tasked with safeguarding sensitive data, mitigating risks, ensuring compliance, and responding effectively to cybersecurity incidents. Key ResponsibilitiesStrategic Leadership Develop, implement, and maintain an enterprise-wide information security strategy and roadmap. Strategic Leadership Advise senior management and the Board of Directors on cybersecurity risks, compliance, and emerging threats. Strategic Leadership Align security initiatives with business objectives to support growth while managing risk. Risk Management and Compliance Identify, assess, and prioritize cybersecurity risks and establish measures to mitigate them. Risk Management and Compliance Ensure compliance with relevant legal, regulatory, and contractual requirements (e.g., GDPR, HIPAA, CCPA, ISO 27001). Risk Management and Compliance Develop and enforce company-wide security policies, procedures, and standards. Cybersecurity Operations Oversee the design, implementation, and maintenance of security infrastructure, including firewalls, intrusion detection systems, and encryption technologies. Cybersecurity Operations Lead the development of incident response plans and oversee their execution in case of security breaches. Cybersecurity Operations Conduct regular audits, risk assessments, and penetration testing to ensure system integrity. Emerging Threats and Innovation Monitor the threat landscape and emerging technologies to proactively address vulnerabilities. Emerging Threats and Innovation Develop partnerships with industry groups, government agencies, and vendors to stay ahead of cybersecurity trends. Emerging Threats and Innovation Oversee security for cloud infrastructure, DevSecOps, and third-party vendors. QualificationsEducation & CertificationsBachelor's degree in Computer Science, Information Technology, or a related field (Master's preferred). Industry certifications such as CISSP, CISM, CISA, or CRISC are highly desirable. Experience10+ years of experience in information security, IT risk management, or related fields, with at least 5 years in a senior leadership role. Proven track record of managing enterprise-level cybersecurity programs. Skills & CompetenciesDeep understanding of cybersecurity frameworks (e.g., NIST, ISO 27001, COBIT). Strong analytical, problem-solving, and decision-making skills. Excellent leadership, communication, and collaboration abilities. Experience in incident response, cloud security, and data protection strategies. Key Performance Indicators (KPIs)Reduction in security incidents and breaches. Compliance with regulatory and internal security standards. Employee cybersecurity awareness scores. Incident response times and recovery rates. Who are we?GVW Group is a dynamic private investment and industrial holding company dedicated since 1993 to growing and starting businesses. We take an entrepreneurial approach to building value for our scalable early stage, high-growth, and mid-sized operating companies by providing strategic expertise and resources. Along the way, we have expanded globally into diverse industries ranging from manufacturing, to technology, distribution, big data, engineering, and energy efficiency. Where will you work?This role will be based in Birmingham, Alabama, or Chicago, Illinois. What do we offer in benefits?We offer an attractive compensation and benefits package, to include base salary, incentive bonus opportunities, and benefits such as medical/dental/vision options, 401K plan, etc.#J-18808-Ljbffr