Job Post: Chief of Information Security, Risk and Compliance

Chief of Information Security, Risk and Compliance Nashville, TNPOSITION OVERVIEWWe are seeking a Chief of Information Security, Risk and Compliance to leadall aspects of Information Technology Services strategy and executionrelating to IT Security, Risk Management and Compliance while leading a teamof professionals covering all aspects of threat & risk identification,mitigation planning strategy, policy definition and compliance program.  In this high profile role, critical relationships include CIO, ITS, CompanySecurity, PC Compliance, Security Administration, Federal GovernmentSecurity, Office of Privacy, and other associated departments outside of ITSrelated to company regulatory, legal and privacy programs. RESPONSIBILITIESOverall ownership for all technology security including perimeter defenses,network, WAN/LAN, user devices, telecom, content protection, identity accessmanagement & restrictions, server security, and application controls. Responsible for assessing and ensuring that all our technology solutions andservices are properly secured against unauthorized access and exposures,including outsourced and hosted solutions. Understand the needs and implications of the various legal, privacy andregulatory bodies that impact our various businesses and ensure that we areadequately addressing each. Operating a risk based compliance program across all ITS areas with respectto established policies, standards, processes, and procedures as well aspractice protection guidance. Operating a formalized risk management program including identification of”worries”, analysis, reporting and remediation planning. Driving internal audit and ITS compliance program results across allappropriate systems/areas within ITS. Deliver an onongoing Information Security awareness program for ITS andCompanywide.  Ensure proper access controls, restrictions and activitytracking for Companywide. Defining the strategic and tactical aspects of our eDiscovery program insupport of OGC. Defining all appropriate ITS driven Information Security and data managementpolicies and collaboration on nonITS policies when needed. Provide support for various investigation including Privacy, OGC, HR andEthics. Operating the response process covering client security inquiries includingmanagement of all supporting material, reviewing SOW from a security riskperspective, and managing client related audit activities. Delivering strategic and tactical solutions for the US Firms Records(electronic & physical) and overall content management initiatives,including the disposition of employee files, sunsetting applications,records archival, downstream data and record duplicates (including inpreproduction environments), etc. Manage the requirements and achievement of appropriate certificationprograms surrounding information security. MUST HAVE QUALIFICATIONS15+ years of relevant technology experience preferably in a ProfessionalServices environment including proven leadership of similar InformationSecurity organization for a large scale environment. Working knowledge of Content Management arena including records management,eDiscovery and data classification. Strong knowledge of the various legal, privacy and regulatory areasimpacting our business. Demonstrated experience in executing a compliance program or internal auditapproach. 

Demonstrated experience in executing a practical risk management framework.

College degree required.

 Demonstrated accomplishments in the following areas:-   Working with an executive team in a trusted business advisorcapacity to influence, articulate and assist in implementation of businessstrategy. –   Able to engage and earn commitment from senior ITS leadershipconstructively throughout the entire project life cycle.  –   Able to engage senior business leadership in a constructiveprofessionally consultative manner to gain trust and provide appropriateprofessional guidance and insight. –   Thought leadership (includes internal innovation/creativity andoutside eminence).-   Leadership skills (ability to assess talent,influencing/persuasiveness, confidence, courage, executive presence,visibility and approachability)-   Developing people and leading teams (includes advocacy, managingvirtually, supporting W/L balance, coaching and training) –   Project management (includes change management activities) andcrisis management.  –   Operational excellence (includes ROI, budgeting/operations, metrics,etc.)-   Quality and risk management.-   Professional judgment (including practical approach, appropriaterisk taking and political savvy)-   Willingness to travel COMPENSATION OVERVIEWThis position includes a competitive base salary, annual cash performancebonus program, comprehensive relocation program and superb benefits. FOR CONSIDERATIONQualified candidates should submit a resume as a Word document attachmentalong with an introductory email.  All inquiries will be treated in aconfidential manner. Karen Murphy – Managing DirectorAugust AssociatesTel 508-833-9622EMAIL KarenM@AugustAssociates.net