First Orion is seeking an experienced Information Security Officer (ISO), Reporting to the Chief Information Security Officer (CISO), who will be responsible for establishing and maintaining a company-wide program to ensure information assets and technologies are adequately protected from loss, destruction and unauthorized access. Responsibilities The ISO's influence reaches across the entire organization. Responsibilities include, but are not limited to, the following: Build, manage, and maintain a robust Security Compliance Program for First Orion that includes eternal certifications such as SOC2 Type II, HIPAA, ISO27001, PCI, and FedRAMP as well as other specific client requirements as contractually agreed upon that reduce the company’s information and technology risks Work with the business to develop a Security Team, as appropriate, with the necessary skills to oversee all corporate security efforts that drive improvements to stay ahead of increasing security threats and contribute to a reduction in overall infrastructure and personnel risk exposure Collaborate with product and engineering teams on building market leading technical security capabilities across all of First Orion’s products and services Collaborate with sales and account management in responding to prospect and client inquiries and assessments about security Drive continuous improvement in application and network security activities, leveraging internal and third-party penetration testing and vulnerability assessments across the enterprise Audit security operations monitoring, including response team plans and execution for incidents that impact the company or platform Proactively identify security issues and potential threats and continuously build processes, design systems or work with vendors/partners to watch for and protect against incidents Develop and manage the company’s disaster recovery and business continuity plan. Work with the Chief Privacy Officer to assure regulatory information compliance (e.g., US PCI DSS, FISMA, GLBA, HIPAA; UK Data Protection Act; Canada PIPEDA, Europe GDPR) Provide updates on corporate security, compliance, and risks including periodic reports to leadership Educate the organization in security awareness and implement infrastructure, personnel and product threat protection measures at a global level Advocate for secure application, organization and infrastructure best practices Drive thought leadership in the marketplace via conference talks, blog posts, media interviews, etc. to elevate First Orion’s brand recognition as a security leader Requirements At least 5 years of relevant experience in leadership of information security, preferably with both large and small high-growth companies Expertise in cloud security, platforms and services, including understanding of current security offerings from leading cloud service providers (e.g. AWS), and their applicability to securing a SaaS for enterprise security requirements as well as data loss prevention, log management and alerting, and vulnerability scanners Experience in the management of internal and external security audits consistent with international standards and audit remediation Deep knowledge of networking and network security Strong understanding and experience with Secure SDLC and security automation Ability to work under pressure across multiple stakeholders Excellent written and communication skills and ability to communicate across all levels of an organization Success Measures Conduct a thorough evaluation of First Orion’s security program needs, priorities and opportunities in order to develop and promote short and long-term security plans Lead, manage and maintain our information security compliance programs, achieving appropriate certifications within projected timelines Establish trust within the organization and with our clients as a security thought leader Company Benefits: Our work environment is energetic, focused, fun, and collaborative. We’ve created a special culture where trust and transparency are the key and employees are empowered to make their own decisions. Our people are passionate about what we do and have an indomitable spirit to get things done. Everyone is a part of the big picture here. First Orion Voted Great Place to Work US with Top Rankings in every category! Check out the full spread here: https://www.greatplacetowork.com/certified-company/5003330 First Orion is an Affirmative Action and Equal Opportunity Employer. Apply today!
First Orion is a leader in the call protection, call identification and call management industries, focusing on data-driven call transparency across the entire calling experience. We develop world-class data and technology solutions that help our business partners increase customer satisfaction, reduce risk associated with fraud and compliance, and yield more profitable calling solutions. Our applications and in-network services provide call and text blocking, spam and robocall tagging/blocking, call enhancement, caller identification, caller categorization, directory assistance and complaint filing with regulatory agencies in the US and abroad. First Orion protects and enhances the call experience for millions of consumers, provides solutions to some of the largest mobile service providers in the world, and features leading brands in the communication industry (including PrivacyStar) with headquarters in Little Rock, Arkansas and offices in Bellevue, WA, London, England and Dubai, UAE.