RaleighRecruiter Since 2001
the smart solution for Raleigh jobs

Information Security Officer (CISO) & Infrastructure Operations AVP

Company: IAT Insurance Group
Location: Raleigh
Posted on: May 3, 2021

Job Description:

IAT has an immediate opening for an Information Security Officer (CISO) & Infrastructure Operations AVP. This role will provide technical expertise and executive leadership to all aspects of information security and IT infrastructure operations. Responsible for establishing and maintaining the Information Security strategy, architecture, and multi-year roadmap that ensures that the companys information assets are adequately protected. This position is also operationally responsible for ensuring the availability, integrity, and scalability for all IT systems and infrastructure.

This is a key leadership position that will direct the teams in charge of information security, cloud services, compute & backup services, network services, unified communications, and infrastructure monitoring.

CISO Responsibilities:

Develop and implement a strategic, long-term information security strategy and roadmap to ensure that IATs information assets are adequately protected.
Work with senior leaders across the business and IT to assess and communicate acceptable levels of risk.
Chair the IAT security steering committee.
Identify, evaluate and report on information security risks to the IAT Security Committee and the IAT Board and provide subject matter expertise on security standards and best practices (e.g. NY DFS Cybersecurity Regulations).
Lead the development of up-to-date information security policies, procedures, standards, and guidelines, and oversee their approval, dissemination, and maintenance.
Monitor the industry and external environment for emerging threats and advise relevant stakeholders on appropriate courses of action.
Act as the champion for the enterprise information security program and foster a security-aware culture.
Oversee the evaluation, selection, and implementation of information security solutions that are innovative, cost-effective, and minimally disruptive.
Partner with enterprise architects, infrastructure, and applications teams to ensure that technologies are developed and maintained according to security policies and guidelines.
Manage regular intrusion detection and vulnerability reporting, internal and external IT audit groups reviews, and the coordination of all required fixes.
Develop business metrics to measure the effectiveness of the security management program and increase the maturity of the cybersecurity program over time.
Lead the periodic automated and/or manual security vulnerability assessments to identify patch, configuration, and code-related security vulnerabilities.
Liaise with external auditing agencies to ensure that the organization maintains a strong security posture.
Oversee incident response planning and the investigation of security breaches and assist with any associated disciplinary and legal matters.
Oversee and lead the creation, communication, and implementation of a process for managing vendor risk and other third-party risks.
Lead due diligence and post-integration activities related to information security for all M&A activity.
Lead or commission activities relating to contingency planning, business continuity management, and IT disaster recovery in conjunction with relevant functions and third parties

Infrastructure Operations Responsibilities:

Accountable for a high-performing computing infrastructure companywide. This includes, but is not limited to, planning and management of computer operations and production support, business continuity, network operations, telecom, and cloud services.
Collaborate with the VP of Infrastructure and the Platform Engineering Director to help develop strategic and tactical solution plans for IT, especially IATs future technology infrastructure.
Conduct strategic and tactical level planning in partnership with peers in IT Infrastructure to develop a technical roadmap and ensure delivery of supportable technology solutions that meet business needs.
Partner with the VP of Infrastructure and the Platform Engineering Director to build and modernize the organizational structure and business processes to support our growth in an increasingly digital world.
Manage the evaluation and adoption of emerging technologies including cloud, software-defined networking, high-performance computing, and the latest collaboration technologies.
Develop and lead a high performing infrastructure operations team to ensure the reliable delivery of IT services and operations.
Establish, maintain and execute operations procedures that leverage efficiencies and best practices.
Oversee infrastructure service management activities including incident, change, and request management.
Oversee the direction of infrastructure investments in collaboration with team members, VP of Infrastructure, and the Platform Engineering Director.
Oversee cybersecurity protections on all IT infrastructure resources according to policies and standards.
Work with the Platform Delivery team to help drive the delivery of major technology and infrastructure projects and service management improvements.
Implement and maintain controls and monitoring procedures to ensure availability of critical systems and minimal service interruptions.


Bachelors Degree in computer science, engineering, or a related field Minimum 15 years of IT Infrastructure and/or IT Development leadership experience, and 10+ years of information security/cybersecurity experience.
A background in technical IT roles such as IT architecture, development, or infrastructure operations, with a clear and abiding interest in information security is preferred A proven track record in developing information security policies and procedures, and successful execution.
Extensive knowledge of business risk, risk assessment, and risk-based decision making.
Able to communicate security and risk-related concepts to both technical and non-technical audiences (in business terms), including board level.
Ability to evangelize IT security to make it a critical part of business operations; build trust and respect for the security function.
Ability to effectively prioritize and execute tasks in high-pressure situations.
Knowledge of security, risk, and control frameworks and standards such as NIST, Center for Internet Security Critical Security Controls, and ITIL.
Security technology acumen and experience including but not limited to: firewall, intrusion detection, cyber-attack tools and defenses, encryption, certificate authority, web filtering, anti-malware, anti-phishing, identity and access management, multi-factor authentication.
Substantial experience leading, directing, and controlling a complex, highly technical operational organization.
Understanding of cloud, IaaS, PaaS, and SaaS architectures, and their implications on information security strategy.
Extensive knowledge of infrastructure systems and operations, cloud computing and cloud operations, networking, virtualization, disaster recovery, business continuity, Unified Communications, and infrastructure monitoring.
A track record of working collaboratively and productively with business partners.
Absolutely trustworthy with high standards of personal integrity (demonstrated by an unblemished career history, complete lack of criminal convictions, etc.), and willing to undergo vetting and/or personality assessments to verify this if necessary Excellent written and verbal communication, interpersonal and collaborative skills.
Experienced with contract and vendor negotiations.
Professional certifications, such as a CISSP, CISM, CISA.
To qualify, all applicants must be authorized to work in the United States and must not require, now or in the future, VISA sponsorship for employment purposes

We are proud to be an EEO/AA employer M/F/D/V. We maintain a drug-free workplace and participate in E-Verify.

To be formally considered one must apply online through the IAT Career Site.

Applicants should monitor their email for status updates and or requests.

IAT Recruiter: Steve Morley | Senior Recruiter steve.morley@iatinsurance.com Connect| www.linkedin.com/in/stevemorley916

Keywords: IAT Insurance Group, Raleigh , Information Security Officer (CISO) & Infrastructure Operations AVP, Other , Raleigh, North Carolina

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account

Get the latest North Carolina jobs by following @recnetNC on Twitter!

Raleigh RSS job feeds