Description

Key Responsibilities:

Information Security Strategy and Planning:
Develop and implement comprehensive information security strategies and programs that align with the business’s overall goals.
Facilitate consultative discussions across departments to identify security needs and integrate them into long-term planning processes.
Framework Implementation (NIST & ISO):
Apply and customize NIST Cybersecurity Framework (CSF) and ISO/IEC 27001 standards to create secure systems, processes, and environments.
Conduct gap analyses to benchmark current security processes against established frameworks and recommend improvements.
Risk Management and Business Impact Analysis (BIA):
Perform and document risk assessments, evaluating potential vulnerabilities and threats.
Conduct business impact analyses to prioritize assets and ensure appropriate allocation of security resources to critical areas.
Compliance Assessments:
Evaluate the organization’s compliance with relevant regulatory standards, such as GDPR, HIPAA, CCPA, and PCI DSS, and provide remediation plans to address deficiencies.
Partner with internal and external auditors to perform compliance-related audits and assessments.
Consultative Engagement:
Act as a point of consultative support for business leaders and departments regarding information security risks, requirements, and best practices.
Collaborate with IT teams, project managers, and other stakeholders to ensure security is embedded into new system implementations and upgrades.
Incident Response and Reporting:
Provide strategic recommendations to review, refine, and enhance incident response capabilities.
Prepare comprehensive security reports, detailing risk analysis, compliance statuses, and other critical information for leadership.
Requirements
Required Skills and Qualifications:
Bachelor’s degree in Information Security, Computer Science, or related field.
3-5+ years of experience in information security, with specific expertise in risk assessments, compliance, and strategic security planning.
Strong working knowledge of NIST, ISO/IEC 27001, and other industry standards.
Experience conducting security-focused business impact analyses.
Familiarity with regulatory requirements such as GDPR, HIPAA, and PCI DSS.
Strong communication skills with the ability to translate technical concepts for non-technical audiences in consultative settings.
Industry certifications such as CISSP, CISM, CRISC, or CISA are highly preferred.
Technology Doesn't Change the World, People Do.®
Robert Half is the world’s first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles.

Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. Download the Robert Half app (https://www.roberthalf.com/us/en/mobile-app) and get 1-tap apply, notifications of AI-matched jobs, and much more.

All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit roberthalf.gobenefits.net for more information.

© 2025 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking “Apply Now,” you’re agreeing to Robert Half’s Terms of Use (https://www.roberthalf.com/us/en/terms).