Chief Information Security Officer

Smith & Associates is a leading and globally recognized supply chain distribution company. With a strong commitment to security and compliance, we are looking for an experienced and dedicated Chief Information Security Officer (CISO) to join our team. As a vital member of our organization, the CISO will play a pivotal role in ensuring the security and resilience of our digital infrastructure, sensitive data and business security.
The Chief Information Security Officer (CISO) will lead the strategic efforts to protect the confidentiality, integrity, and availability of Smith's information assets. The CISO will manage the comprehensive cybersecurity initiatives, manage risk, and ensure the adherence to industry standards and regulations within the complex landscape of global supply chain trading. The CISO will also carry out the security incident investigation, business fraud tracking and investigation, and report the results to the senior management team.
If you are a seasoned cybersecurity and business security professional with a passion for securing international supply chain operations and are ready to lead in a challenging and dynamic environment, we encourage you to apply for the position of Chief Information Security Officer at Smith & Associates. Join us in our mission to ensure the secure and efficient flow of goods and services across global markets.
Principle Accountabilities:

• Security Policies: Establish and enforce security policies, procedures, and guidelines to protect digital assets, sensitive trade data, and intellectual property.
• Risk Management: Conduct risk assessments and develop risk mitigation plans to safeguard the organization against cyber threats and vulnerabilities. Be responsible for the business fraud investigation and mitigation.
• Incident Response: Create and maintain an effective incident response plan, ensuring timely and efficient recovery from security breaches and disruptions.
• Incident Investigation and Forensics: Carry out the thorough search and investigation on the security incidents. Work with internal team and possibly external force as forensics.
• Regulatory Compliance: Ensure compliance with global trade, import/export, and data protection regulations, such as C-TPAT, EAR, ITAR, and GDPR.
• Security Awareness: Develop and oversee a security awareness program to educate employees, trading partners, and stakeholders about best practices in cybersecurity.
• Vendor Security: Evaluate and monitor the security practices of third-party vendors, partners, and service providers.
• Stakeholder Collaboration: Collaborate with internal and external stakeholders, such as customs authorities, shipping partners, and regulatory bodies, to ensure security standards and trade compliance.
• Reporting: Provide regular reports and updates to executive management and the board of directors on the state of cybersecurity and compliance

Qualifications:

• Industry-recognized certifications, such as CISSP, CISM, or CISA.
• Proven experience in a leadership role in Information Security, with at least 8-10 years of relevant experience.
• Strong understanding of supply chain operations, trade regulations, and customs procedures.
• In-depth knowledge of cybersecurity technologies, tools, and best practices.
• Exceptional communication and leadership skills.
• Ability to adapt to a dynamic global trading environment and make critical decisions under pressure.
• Experience with artificial intelligence (AI) and machine learning (ML) security
• Experience with DevOps and security automation
• Experience with security awareness training and education
• Experience evaluating and managing cyber risk and working within industry-standard frameworks (e.g. NIST Cybersecurity Framework, CIS Top 20, NIST 800-XX, etc.)
• Knowledgeable of methodologies such as Cyber Kill Chain and Diamond Model of Intrusion Analysis models
• Bachelor's degree in Information Security, Computer Science, or a related field (Master's degree preferred).

Benefits:

• Competitive compensation and benefits package.
• Opportunity to lead and shape the security strategy in a prominent supply chain trading company.
• Professional development and training opportunities.
• Inclusive and collaborative work environment.

#Ji-LI1
We are an Equal Opportunity/Affirmative Action Employer.
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!
We are an Equal Opportunity/Affirmative Action Employer.