Chief Information Security Officer (CISO) | Maine
At Systems Engineering, our mission is to enable the exceptional with our clients, employees, and the community.
As a result, we continue to invest heavily in being the premier technology employer in Northern New England. We are 100% employee-owned which gives us the unique opportunity to combine shared equity with empowerment to create an incredible career development opportunity.
We have an immediate opening for a Chief Information Security Officer (CISO) to join our Advisory Services team. This role leads the development and implementation of a comprehensive information security program that encompasses technology, processes, and people. This role will require strategic planning, strong leadership, and deep technical knowledge in IT security.
The CISO is tasked with developing and implementing a holistic information security strategy, encompassing risk management, compliance, incident response, governance, and privacy. Key responsibilities include security strategy development, risk management, data governance & privacy compliance, incident response management, security awareness and training, collaboration and communication, and technology & infrastructure security.
The ideal candidate will possess a strong technical background in IT and information security and demonstrate strong leadership, strategic thinking, effective relationship building, and a deep technical understanding of cybersecurity threats and mitigation strategies.
Responsibilities
- Direct the security planning and implementation of enterprise IT systems, business operations, and software. This role will oversee the development of policies, standards, guidelines, and procedures to ensure ongoing maintenance of security.
- Coordinate the implementation of appropriate information security policies and procedures, including oversight of NIST CSF and 800-171 alignment efforts.
- Ensure compliance with the changing laws and applicable regulations related to information security.
- Lead contract reviews and negotiations that contain security-related provisions, which may include contracts with vendors, partners, and customers.
- Implement a risk management program, including risk identification and mitigation strategies, while communicating risks to relevant stakeholders, including the senior leadership team and periodically the board of directors.
- Assess and update privacy practices in accordance with evolving privacy laws and practices.
- Manage and respond to security incidents, ensuring timely resolution and minimizing impact on business operations.
- Collaborate with the senior leadership team, aligning security initiatives with enterprise goals and business objectives.
- Oversee the development and implementation of disaster recovery and business continuity plans.
- Conduct regular security assessments and monitor the company’s network for security breaches.
Qualifications
- Degree in Computer Science, Information Technology, or a related field preferred and/or at least 8 years of experience in the information security field, with a focus on managing security in a Managed IT Services environment. Industry certifications such as CISSP, CISM, or CISA are highly desirable.
- Proven experience in planning, organizing, and developing IT security and technology policies and programs.
- In-depth knowledge of security frameworks (NIST Cybersecurity Framework, NIST 800-171, NIST RMF, ISO 27001, etc.) as well as knowledge of relevant laws and regulations and other industry-specific compliance requirements.
- Experience in managing security incidents and conducting security investigations, as well as the ability to assess and manage risks effectively, identify potential threats and vulnerabilities, and implement appropriate measures to mitigate them.
- Knowledge of security protocols, encryption, network security, and risk management as well as an understanding of networking, systems, application architecture, and security.
- Demonstrated ability to build and maintain strong relationships with key stakeholders and clients.
- An effective & adaptable leader, strategic thinker, and collaborator who can motivate, mentor, and guide team members to achieve common security goals while aligning security initiatives with the overall business objectives of Systems Engineering.
- Exceptional communication skills and the ability to convey complex technical concepts to both technical and non-technical stakeholders.
- Uphold ethical standards and ensure the protection of sensitive data and information.
Our Benefits & Culture
Systems Engineering has three office locations: Our Portland, Maine office is located in the heart of the Old Port in downtown Portland positioned centrally to the waterfront, trails, parks, and restaurants. Our New Hampshire Office is located in the Brady Sullivan Tower just steps from downtown Manchester. Our Pineland Farms Office is located at Durham Hall on the Pineland Farms Campus, New Gloucester, Maine.
Because we are 100% employee-owned, the employee-owners of Systems Engineering are its most valuable resource, and they have collectively made Systems Engineering a Best Places to Work Company in Maine for over a decade. We pride ourselves on delivering great outcomes for our culture, clients, and our community by cultivating a culture focused on continuous learning, community impact, and employee ownership.
In addition to a competitive salary, our benefits include:
- Employee Ownership (Employee Stock Ownership Plan) – As an employee-owner, you directly contribute to the strategic direction, growth, workplace culture, and future of the company.
- Employer 401k matching contributions.
- Profit-Sharing.
- Competitive medical, dental, life, and short & long-term disability insurance.
- Paid Time Off starting with 17 days PTO, nine paid holidays, and two weeks paid parental leave.
- Community Engagement benefits including eight (8) hours of paid community volunteer time & employer-charitable match.
- Engaging wellness programs including onsite health coaching & onsite fitness facilities.
- Career mobility and professional development, with employer-supported training, learning, and certification opportunities.
- Dynamic, fun, and active community culture.
- Hybrid Workplace, which fosters collaboration, mentorship, and training & development opportunities across our organization.
- Employer-provided parking at our office locations.