Chief Information Security Officer

Sciens Building Solutions
Tallahassee, United States of America
6 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Tallahassee, United States of America

Tech stack

Amazon Web Services (AWS)
Software System Penetration Testing
Azure
Backup Devices
Software as a Service
Cloud Computing Security
Computer Security
Disaster Recovery
Identity and Access Management
Network Security
PCI Data Security Standards
Phishing
Security Information and Event Management
Systems Integration
Software Vulnerability Management
Google Cloud Platform
Information Technology

Job description

Sciens is seeking a Chief Information Security Officer (CISO), who will be responsible for establishing and operating a right-sized, risk-based cybersecurity program that protects the company, supports growth initiatives, and aligns with value-creation objectives. This role balances hands-on execution with strategic oversight, ensuring security enables business performance and mergers & acquisitions (M&A) activity.

The key objectives of the role will be to:

  • Reduce cyber risk that could impact valuation

  • Establish repeatable, scalable security controls across the company

  • Support due diligence, integrations, and audits

  • Build a roadmap that will improve cyber maturity without enterprise-level cost or complexity

  • Provide clear, board-level visibility into risk posture

  • Deliver measurable reduction in critical vulnerabilities and incident risk

  • Perform successful audits and customer security assessments

  • Improve/reduce cyber insurance terms and premiums

WHAT YOU'LL BE DOING (and doing well!)

  1. Security Strategy & Governance
  • Develop and maintain a pragmatic cybersecurity strategy and roadmap aligned to business objectives
  • Define security policies, standards, and procedures appropriate for a fast growing SMB environment
  • Establish cybersecurity governance, risk appetite, and reporting mechanisms
  • Present cyber risk updates to executive leadership and private equity (PE) stakeholders in plain business terms
  1. Risk Management & Compliance
  • Identify, assess, and prioritize cyber risks using a risk-based approach
  • Oversee vulnerability management, penetration testing, and remediation efforts
  • Lead compliance initiatives, such as SOC 2, ISO 27001, NIST, CMMC, HIPAA, PCI-DSS
  • Ensure third-party and vendor risk management processes are in place
  1. Incident Response & Resilience
  • Own the incident response plan, tabletop exercises, and breach readiness
  • Lead response to security incidents, ransomware events, or data breaches
  • Coordinate with legal, insurance, forensics, and external advisors as needed
  • Oversee backup, disaster recovery, and business continuity planning
  1. Technology & Operations
  • Oversee core security tooling (IAM, endpoint security, SIEM/MDR, email security, cloud security)
  • Ensure secure configuration of cloud, SaaS, and on-prem environments
  • Partner closely with IT and operations teams to embed security into operations
  • Make cost-effective build vs. buy decisions
  1. M&A Support
  • Support cybersecurity due diligence for acquisitions
  • Assess security posture of acquisition targets and provide risk summaries
  • Lead or advise on post-acquisition security integration and remediation
  • Align security maturity with PE exit strategy (strategic buyer or IPO readiness)
  1. Culture & Awareness
  • Build a security-aware culture through training and phishing simulations
  • Act as a business-friendly security advisor
  • Educate leadership on cyber risk, insurance implications, and regulatory exposure

Requirements

  • Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent work experience).
  • 10+ years in information security, IT risk, or cybersecurity leadership
  • Experience in SMB, PE-backed, or high-growth environments
  • Strong working knowledge of:
  • Cloud security (AWS, Azure, GCP, SaaS)
  • Identity & access management
  • Endpoint and network security
  • Incident response and ransomware defense
  • Proven ability to communicate cyber risk to non-technical executives and investors

  • Experience with at least one recognized security framework (NIST, ISO, CIS)

  • Excellent problem-solving and analytical skills.

  • Strong communication and interpersonal abilities.

  • Ability to manage multiple projects and meet deadlines in a fast-paced environment., * Prior experience supporting private equity portfolios or M&A

  • Experience standing up a security program from scratch

  • CISSP, CISM, or equivalent certification

Benefits & conditions

Tuition reimbursement, Health insurance, 401(k) matching, Paid time off, Vision insurance, Dental insurance, Life insurance, Disability insurance 400 South Monroe Street, Tallahassee, FL 32399, * Competitive salary based on qualifications.

  • Paid time off plan and holidays.
  • 401(k) matching.
  • Short term and long-term disability.
  • Medical, dental, and vision plans with options.
  • Life insurance.
  • Company laptop.
  • Professional career development opportunities.
  • Tuition reimbursement program.

Apply for this position