Chief Information Security Officer (CISO) — Responsibilities

• The CISO or Chief Security Architect develops and implements information security programs to include policies and procedures that protect communications, systems, and assets within an enterprise from internal and external threats.
• This position is responsible for all assurance activities in relation to integrity, availability, and confidentiality of the business, employee, customers and business partner.
• Sometimes the CISO works with the CIO to procure services that manage disaster recovery, security hardware and software, and cybersecurity products.
• CISO anticipates threats and is proactive in preventing them from attacking the organization. This analysis of threats is usually done in real-time.
• They ensure that staff does not steal or misuse data.
• They work with other departments to ensure that everything is working smoothly. They also work with the executive management of the company to determine the level that is acceptable in relation to the risk of the organization.
• They train employees in security awareness, developing practices that are secure, identifying metrics and objectives, procuring security products, and several other areas.
• The CISO ensures that authorized people gain access to areas and systems that are restricted.
• The CISO is also responsible for ensuring that the data privacy of the company is secure, conducting investigations of a digital forensic nature and managing the Computer Security Incident Response Team.
• They also develop and enhance information security management frameworks.

Profile

• CISOs have experience in risk management and auditing.
• They have 7-12 years of working experience in computer science.
• They are leaders and managers of teams or employees.
• Their understanding of IT and security are strong.
• CISOs have an advanced degree in computer science, engineering, and business.
• They must have an understanding of VPN, DNS, authentication, proxy services, DDOS mitigation technologies to name a few.
• They are certified as Certified Information Security Manager, Certified Information Systems Auditor, and Certified Information Systems Security Professional.
• Their earnings range from $153,117 to $251,000.

CISO in Fortune 500 Companies

• Approximately 38% of Fortune 500 cmpanies do not have CISOs.
•  Roland Cloutier is the CISO for ADP