CHIEF SECURITY OFFICER Varolii Corporation
THIS JOB HAS EXPIRED DESCRIPTION
Varolii is a market leader in Customer Interaction Management, helping large enterprises communicate with their customers, members and employees in the most effective and cost?efficient manner. Varolii pioneered the first truly personalized, proactive automated solutions for contact center optimization more than a decade ago. Since that time, we?ve been first to market with applications that have revolutionized how companies interact with consumers. We honed years of experience and technology innovation into targeted application suites tailored to six key vertical markets: healthcare, financial services, airlines, utilities, telecommunications and retail. These application suites combine cross channel communications (voice, text, email and smartphone) with advanced analytics, segmentation, reporting and campaign controls for a seamless solution that yields more profitable outcomes and a better overall service experience. Today, Varolii serves many of the top Fortune 500 and Fortune 1000 companies by delivering a higher return on every interaction. In fact, one out of every three Americans has interacted with Varolii through the more than 450 organizations that trust Varolii to engage their customers and employees in millions of digital interactions every day. Varolii has offices in Seattle, WA & Burlington, MA. For more information, visit www.varolii.com.
The Chief Security Officer is the executive responsible for security and privacy governance, risk management and compliance across the enterprise. This includes ownership of policy development, security incident response and overall compliance efforts.
Proactively protect the availability, integrity, confidentiality, and privacy of all client and business data.
Oversee the company?s ISO 27001 compliant information security management system. Chair the executive-level cross-organizational Security and Privacy Steering Committee.
Work closely with clients and vendors to ensure operational and reporting needs are met. Lead security audits across the company.
Lead efforts in regulatory and industry security and privacy compliance that include ISO 27001 certification, Level 1 PCI DSS certification, Safe Harbor certification and FISMA/FedRAMP authorization as well as compliance with FCC CPNI, GLBA, HIPAA/HITECH and Medicare Part D requirements.
Achieve FedRAMP authorization for company systems.
Own incident response planning/protocol. Investigate security breaches and lead the related response to include internal and external reporting. Chair the CSIRT.
Perform security risk assessments and develop remediation plans in partnership with Operations, Engineering and other relevant groups.
Lead business continuity and disaster recovery planning.
Participate in change control processes and reviews.
Communicate the company?s security stance, including compliance issues, risks, and incidents to upper management and customers.
Consult on other types of security (e.g., physical security issues) as needed.
Provide security content for company RFIs and RFPs.
Requirements (Knowledge, Skills and Abilities):
Knowledgeable about PCI requirements and have worked in a Level 1 PCI-compliant environment for at least 3 years.
Direct experience with managing an ISO 27001 compliant information security management system.
Knowledgeable of HIPAA/HITECH/Medicare Part D (CMS) requirements and have experience working with these requirements.
Knowledgeable of FISMA and/or FedRAMP requirements.
CISSP, CISM, or GIAC GSEC required. Additional CCISO or technical security certifications are a plus.
Previous policy development and enforcement experience in a regulated environment.
Prior experience with business continuity planning, auditing and risk management, as well as contract and vendor negotiations.
Experience with the software development and QA life cycle, SaaS experience preferred.
Knowledge of complex application, network, virtual environment security, and systems operations
Ability to relate business requirements and risks to policy and technology implementation.
Knowledge of risk assessment and remediation procedures.
Proven ability to manage projects and implementations across organizations.
Strong collaborative approach and ability to effectively interface with technical staff, senior management and customers.
Education / Experience:
At least 7-10 years of related experience in security management and leadership to include Director-level responsibilities at a minimum.
A Baccalaureate degree in a related field (CS, MIS, IT) or demonstration of relevant experience and seniority.
||Seattle, WA 98104 |
THIS JOB HAS EXPIRED