Business Information Security Officer - RemoteDefense Industrial Base DIB Exp

Join EVOTEK: North Americas Premier Digital Business Enabler

As North Americas premier enabler of secure digital business we integrate cuttingedge technical expertise across data center network security cloud and communications domains. By delivering cohesive digital solutions we help businesses drive measurable impact and accelerate their transformation.

Our awardwinning culture is the cornerstone of everything we do. Recognized multiple times byInc. Magazineas a Best Place to Work were proud to create an environment where innovation and collaboration thrive. Locally weve been honored byThe San Diego Business Journalas a Best Place to Work more than seven times and our excellence is reflected in accolades like CRNs Solution Provider 500 Tech Elite 250 and Top 150 Growth Companies. Weve also earned a spot among CRNs Triple Crown award winners.

If youre ready to be part of a team that values innovation culture and business impact EVOTEK is the place for you.

The Business Information Security Officer (BISO) will be responsible for helping drive the security strategy by developing and executing security initiatives that span technology process and culture. The (BISO) will be tasked with taking the existing strategy direction and vision and evolving and expanding it to ensure the line of businesses meet and exceed security demands. In this role you will be supporting a group/team to develop a deep understanding of the business to provide guidance on information security topics policies and controls.

• Develop drive and implement Client overall information security program (goals objectives and policies) while establishing departmental goals and priorities to execute on that vision.
• Establish a defined consistent security architecture standard and work with Clients to implement technical controls in line with cutting edge best in class security and privacy standards.
• Drive Client domestic and international projects to meet emerging cyber security requirements data protection and privacy laws.
• Implement approved policies and procedures to ensure information security efforts are properly coordinated and in compliance to make recommendations for changes and improvements to reduce Client overall security risk.
• Monitor and assess the compliance of Client organizations with information security policies and procedures while ensuring thirdparty compliance.
• Oversee Client incident response planning data loss prevention and remediation of breaches serving as the focal point for response delivery.
• Implement ongoing Client risk assessment programs targeting information security and privacy matters; recommend methods for vulnerability detection and remediation and perform and/or oversee vulnerability testing.
• Coordinate and deliver information security reporting and assessments as required by regulatory agencies clients and management.
• Work with peers across the company to review customer feedback/ requirements and ensure that security strategy and roadmaps are aligned with the security needs of Clients.
• Keep current on the latest security and privacy legislation regulations alerts and vulnerabilities pertaining to the organization. Conduct continual research to maintain knowledge of technology customer needs and overall requirements.
• Participate in key initiatives and projects to ensure that cybersecurity controls are accounted for early within the project and software development lifecycles.
• Ensure risk assessments are conducted on Client highrisk business applications. Provide escalation for highrisk issues arising from those assessments. Ensure remediation plans are tracked to completion.

• Cyber Compliance Assessments & Regulatory Compliance experience specifically NIST 800171 CMMC and DFARS.
• 10 years of Cybersecurity experience ideally within the oil industry or Defense Industrial Base Sector with a background in Security and Compliance.
• Seasoned track record of assessing threat and vulnerability from a business and technical perspective.
• Ability to develop and champion pragmatic security solutions that support growth of the business.
• Experience developing a strategic comprehensive enterprise information security and IT risk and privacy management program.
• Experience with supporting customerfacing products not just internal.
• Ability to create a culture of accountability and security.
• Ability to communicate and engage effectively with a diverse audience including front line technical staff nontechnical staff management executives and vendors/providers.
• Selfstarter with the ability to lead tasks with demonstrated ability to work independently.

• Salary commensurate with years of experience technical expertise and geographic location.
• Salary range: $150000 to $190000.
• Performance bonuses.
• Benefits package that includes 100 paid medical dental and vision for the employee.
• 401(k) with employer match.
• Strong company culture.
• Flexible PTO policy.
• Flexible working arrangements.
• Annual company overnight retreat.

EVOTEK believes that everyone has the ability to make an impact and we are proud to be an equal opportunity employer committed to providing employment opportunity regardless of sex race creed color gender religion marital status domestic partner status age national origin or ancestry physical or mental disability medical condition sexual orientation pregnancy military or veteran status citizenship status and genetic information.

Required Experience:

Unclear Seniority