Chief Information Security Officer | Portland, OR

Are you interested in working for a collaborative organization that brings together innovative thinkers and experts? Is working for a company that is committed to its clients’ interests and is a leader in its field important to you? If you are a leader who thrives by delivering extraordinary experiences and differentiated client value within a secure data environment, then you need to read on.

Our client is looking for a Chief Information Security Officer for their corporate headquarters in Portland, Oregon. This is a brand-new position based on the goals of the organization. It’s a unique opportunity as well; you will be supporting a diverse mix of insurance and investment management businesses while partnering with M’s Member Firms, helping ensure M is designing and implementing best-in-class process and technology standards to secure their data. So, you will be able to flex your intellectual muscle, working in a variety of environments. You and your team will own all assurance activities related to the availability, integrity, and confidentiality of customer, business partner, employee, and business information in compliance with the organization’s information security policies. You will partner with the leadership team to determine acceptable levels of risk for the organization. You will establish and maintain a corporate-wide information security management program to ensure that information assets are protected. You will lead and guide the work of technical staff, serving as a liaison between the business and technology, planning project stages, and assessing business implications for each stage. You will monitor progress to ensure deadlines, standards, and cost targets are met. You will prioritize and allocate projects, products, and resources with the assistance of architects and team leads. You will collaborate and prioritize with management to ensure all software and hardware projects adhere to security policies and are compliant with regulatory authorities. You will provide in-depth support for information security incidents including internal violations, cyberattacks, viruses, and system outages.
You will also organize and facilitate a cross-functional information security committee and act as the security information ambassador to department heads, Member Firms, and others within the company who are seeking more information and best practices around information security.  

Fast forward a year, what will you be doing?

You have established a secure, stable team with a strong personal brand. You have deep expertise in the security program. You have demonstrated a highly collaborative business approach and, as a result, established credibility across the firm. You have built consensus across the various lines of business as well as the Member Firms. You have designed and implemented the overarching Cyber program. You have successfully partnered and transitioned the program from the external consulting firm to in-house. You have made the appropriate changes. You have established the Information Security charter and committee. You have presented the IS roadmap to the Board as well as the IS committee and have received buy-in. You have recommended the appropriate IS changes to the business and Member Firms.

You are collaborating with the VP of Technology, ensuring the impact to information security is being considered throughout the company. You have completed your SIE exam as well as your Series 99 or Series 24 exam. You have established yourself to be a credible, go-to resource for questions relative to security. You are successful, respected, and happy.  

How will you get there? 

30 days: 

Meet the leadership team as well as technology leadership and vCISO

Work with the external consultant to understand the current landscape

Review in-depth findings and form a point of view

Prioritize the next 90 days

Engage with the leadership team

Pursue security license: SIE exam along with the Series 99 or Series 24

90 days:

Meet with key Member Firms

Understand their business & goals, their technical processes & business

Achieve the Series 99 or Series 24

Complete the budget cycle

6 months:

IS roadmap is developed

Start to implement the roadmap

Traction on your priorities

IS Charter & Committee is established

What you will need:

8+ years of experience in risk management, information security, and IT with more than 2 years leading a complex, highly regulated cybersecurity organization (processes and people)

2 or more relevant security-related certifications preferred, e.g., C|CISO, CISSP, CISM, CRISC, GCIH or equivalent

A Bachelor’s Degree or an equivalent combination of education and experience is required. Major in Information Technology, Cybersecurity, and Computer Forensics related fields preferred.

Industry experience in financial services, insurance, securities, or other highly regulated industries

Proven success in establishing a security charter as well as executing a security roadmap

Progressive experience as an IT/Security analyst, having advanced your career with a demonstrated ability to work at a strategic level as well as get into the details when necessary

Familiarity and preferred background with the Investment Advisers Act of 1940; Securities Act of 1933 and Investment Company Act of 1940; FINRA and SEC rules; and state regulations

Investment services experience with an understanding of key business functions and regulatory requirements

Knowledge of common information security management frameworks, such as ISO/IEC 27001, NIST, SOC 2, etc.

Excellent written and verbal communication skills and a high level of personal integrity

Experience with contract and vendor negotiations and management including managed services

Ability to lead by influence across the enterprise, driving change through credibility and influence

Broker-dealer experience is a plus

Securities licenses, SIE, and Series 99 or the desire to obtain them within 6 months of hire

Our client is a community of leaders comprising the best and brightest minds in their industry. Their network of 135+ Member Firms delivers expert advice and guidance to high-net-worth clients who need complex insurance and financial planning services. This includes life insurance, wealth planning, executive benefits, retirement services, and investment management. By combining individuals’ expertise and skill, our client has become a powerful force committed to advancing the interests of their industry, communities, and clients for over 40 years. M’s solutions are rooted in the diverse expertise of their team, their collaborative approach to innovation, and comprehensive support.

They embrace a progressive, dynamic mindset for every role. Our client provides a professional community that actively supports individuals with diverse backgrounds and perspectives who come together to build and support best-in-class solutions. 

Our client is an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status, or any other characteristic protected by law.  

Kim Frost