The Chief Security Officer (CSO) is an independent, empowered role who directs, coordinates, plans and organizes information security activities throughout the PDC group of companies. The CSO acts as the main or initial point of contact for all issues related to information security, both with internal staff and third parties. The CSO coordinates with a wide variety of individuals from different internal business units, to identify and implement security controls, as well as proactive responses, to current and future information security risks.
Additional Responsibilities
- Act as the central point of contact within PDC Corporation and subsidiaries when it comes to all communications dealing with information security, including vulnerabilities, controls, technologies, human factors issues and management issues.
- Establish and maintain strong working relationships with the stake holders involved with information security matters (Legal Department, Office of the CFO, Information Technology Department, etc.).
- Assist with the clarification of individual information security responsibility and accountability so that necessary information security activities are performed as needed and according to pre-established procedures, policies and standards.
- Coordinate the information security efforts of all internal groups that have one or more information security-related responsibilities in order to ensure that organization-wide information security efforts are consistent across the organization and that duplication of effort is minimized.
- Understand the fundamental business activities performed by PDC and subsidiaries, and, based on this understanding, suggest appropriate information security solutions that adequately protect these activities.
- Develop action plans, schedules, budgets, status reports and other top management communications intended to improve the status of information security throughout the PDC enterprise.
- Obtain top management approval and ongoing support for all major information security initiatives (or supervise others in their efforts with these proceedings).
- Bring pressing information security vulnerabilities to senior management's attention so that immediate remedial action can be taken (this includes consideration of reputation risk and damage to PDC’s image).
- Closely monitor changes in society's information security-related ethics, values, morals and attitudes with an eye toward changes that PDC and subsidiaries should make in response to these developments.
- Prepare post mortem analyses of information security breaches, violations and incidents to illuminate what happened and how this type of problem can be prevented in the future.
- Work with the incident response team to develop suitable public responses to information security incidents, violations and problems.
- Act as the primary liaison and decision-maker regarding the work of information security consultants, contractors, temporaries and outsourcing firms.
- Represent PDC Group and its information security-related interests at industry standards committee meetings, technical conferences and similar public forums.
- Stay informed about the latest developments in the information security field, including new products and services, through online news services, technical magazines, professional association memberships, industry conferences, special training seminars and other methods.
- Sit on the IT Steering Committee meetings in order to provide information and insight on matters related to information security.
- Manage IT security staff members, monitor their work performance, and ensure that they have obtained sufficient continuous training.
Desired Skills and Experience
The candidate must have a Bachelor's degree in Information Systems along with seven (7) to ten (10) years of related experience. Must have strong knowledge of HIPAA/HITECH Act. The qualified candidate must be a Certified Information Systems Security Professional (CISSP).
Additional Qualifications
- The candidate must have excellent team and interpersonal skills, communication skills and the ability to function in a collaborative and collegial environment.
- Must have the ability to communicate with and understand the needs of non-technical internal clients.
- Must have innovative thinking, strong interpersonal skills, high integrity and intelligence, excellent judgment and the ability to think strategically and to conceptualize, launch and deliver multiple information security projects within budget.
- Must have strong organizational skills, ability to generate trust and build alliances with co-workers, excellent listening skills, decision-making ability and the ability to set and reach goals
To apply please contact Neil Harrington and Mike McAlpen