GVW Group
Chicago, IL
Job Summary:
The Chief Information Security Officer (CISO) is responsible for establishing and maintaining the enterprise’s vision, strategy, and program to ensure information assets and technologies are adequately protected. The CISO is a key leadership role tasked with safeguarding sensitive data, mitigating risks, ensuring compliance, and responding effectively to cybersecurity incidents.
Key Responsibilities
• Strategic Leadership
• Develop, implement, and maintain an enterprise-wide information security strategy and roadmap.
• Advise senior management and the Board of Directors on cybersecurity risks, compliance, and emerging threats.
• Align security initiatives with business objectives to support growth while managing risk.
• Risk Management and Compliance
• Identify, assess, and prioritize cybersecurity risks and establish measures to mitigate them.
• Ensure compliance with relevant legal, regulatory, and contractual requirements (e.g., GDPR, HIPAA, CCPA, ISO 27001).
• Develop and enforce company-wide security policies, procedures, and standards.
• Cybersecurity Operations
• Oversee the design, implementation, and maintenance of security infrastructure, including firewalls, intrusion detection systems, and encryption technologies.
• Lead the development of incident response plans and oversee their execution in case of security breaches.
• Conduct regular audits, risk assessments, and penetration testing to ensure system integrity.
• Emerging Threats and Innovation
• Monitor the threat landscape and emerging technologies to proactively address vulnerabilities.
• Develop partnerships with industry groups, government agencies, and vendors to stay ahead of cybersecurity trends.
• Oversee security for cloud infrastructure, DevSecOps, and third-party vendors.
Qualifications Education & Certifications
• Bachelor’s degree in Computer Science, Information Technology, or a related field (Master’s preferred).
• Industry certifications such as CISSP, CISM, CISA, or CRISC are highly desirable.
Experience
• 10+ years of experience in information security, IT risk management, or related fields, with at least 5 years in a senior leadership role.
• Proven track record of managing enterprise-level cybersecurity programs.
Skills & Competencies
• Deep understanding of cybersecurity frameworks (e.g., NIST, ISO 27001, COBIT).
• Strong analytical, problem-solving, and decision-making skills.
• Excellent leadership, communication, and collaboration abilities.
• Experience in incident response, cloud security, and data protection strategies.
Key Performance Indicators (KPIs)
• Reduction in security incidents and breaches.
• Compliance with regulatory and internal security standards.
• Employee cybersecurity awareness scores.
• Incident response times and recovery rates.
What do we offer in benefits? We offer an attractive compensation and benefits package, to include base salary, incentive bonus opportunities, and benefits such as medical/dental/vision options, 401K plan, etc.
Apply Online
06-May-2026