Job ID: 138
Location: Richmond VA
Summit Human Capital is seeking a Fully Remote Fractional CISO for our client based out of Nashville, TN. This is a minimum of a 6-month contract. The ideal candidate will meet the following criteria:
• Ability to provide a flexible schedule and a variety of hours on a monthly basis.
• Utilize extensive knowledge of SOC II, NIST, incident response, disaster recovery and other security-related procedures and environments.
• Ability to provide business acumen and consultancy regarding Information Security
• Knowledge of HIPAA or HITRUST best practices and compliance
• Background in the medical/healthcare industry

• Develop and deploy an Information Security Strategy in order to protect staff, data, infrastructures and assets from compromise and unintended access
• Develop information security, disaster recovery, and business continuity policies and procedures; organize and train customer leadership and personnel on how to respond to security or disaster events.
• Lead Incident Response in the case of a breach.
• Utilize intellectual property to conduct or facilitate the execution of critical information security or compliance audits including: Cybersecurity Assessment (e.g. NIST 800-171, ISO 27001), Attack and Penetration Testing, SOC I, II, III Compliance Assessment, PCI Compliance Assessment, or similar assessments.
• Lead projects for disaster recovery and business continuity improvements.
• Lead projects for security awareness, risk and compliance remediation.
• Provide management and oversight of the customer’s existing IT security organization team members; conduct performance reviews, and interview and hire critical IT security staff.
• Respond to inquiries for Information Security practices and compliance to partners, customers, or regulatory agencies.
• Receive and respond to notifications of attack or data breach.
• Prepare reports for executive leadership on the state of readiness and incidents.
• Review contracts for information security systems and partners and help identify requirements for Cybersecurity Liability Insurance.