Job Summary
The Deputy Chief Information Security Officer (DCISO) supports the Chief Information Security Officer (CISO) in establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are protected.
Principal Duties and Responsibilities

• Strategic Leadership: Assist the CISO in developing and maintaining a company-wide information security strategy and program to combat information security threats.
• Policy & Compliance: Ensure organization-wide adherence to information security policies, standards, and regulations. Prepare for and lead internal audits and assist with external audits.
• Security Awareness: Lead security awareness training initiatives to ensure staff understands and adheres to critical security policies.
• Incident Response: Oversee and participate in the incident response team. Ensure rapid and effective response to security incidents.
• Risk Management: Assist in evaluating potential security risks and develop strategies and measures to manage and mitigate them.
• Vendor Relationships: Engage with vendors to understand the security features and shortcomings of their products and services.
• Program Management: Oversee security projects, ensuring that milestones are met and are in line with security standards.
• Reporting: Provide regular reporting on the status of the information security program to senior business leaders and the board of directors.
• Oversee IT Security Governance, Risk and Compliance: review approved use of compensating controls, approve exceptions, and work with internal and external auditors.
• Supervise department staff: Assign personnel to projects and direct their activities, ensuring time is utilized effectively. Coach/Mentor staff. Understand departmental objectives and direct staff in accordance with them. Ensure development of staff for proper succession planning. Administer the performance review process for the department. When required establish job requirements, interview candidates, determine appropriate salary and title and make final hiring recommendation. Monitor the attendance of the department staff. Address performance problems when required. Plan and monitor staff development to meet the department objectives.
• Monitor and control expenses for cybersecurity and related IT technology effectively. Other duties as assigned.

Knowledge, Skills, and Abilities

• Bachelor's degree or equivalent experience with 10 years of experience in IT, with 8 years in Information Systems roles, and a minimum of 5 years in leadership positions.
• Security management certification; Certified Information Systems Security Professional (CISSP), and Security Manager or Auditor (CISM/CISA)
• Strong background in Information Security ("IS"): physical, environmental, telecommunications and network, and software development
• Experience leading IS operations in the areas of emerging threat: identification, response, and innovative mitigation strategies
• Knowledge and understanding of relevant legal and regulatory requirements, including SOC reports
• Knowledge of security operations, architecture and design, access control, cryptography, and business continuity and disaster recovery
• Ability to communicate clearly and effectively with C-Suite leadership, and Board of Directors, craft and present information to leaders in a concise and informative manner
• Internally motivated; high initiative, dependability, and ability to work with limited supervision with exceptional quality and diligence
• People skills: communication, decision making, guiding and motivating, forming partnerships to drive Cybersecurity and IT security strategy forward

Compensation
Nassau maintains a holistic compensation philosophy focused on competitive base salaries, performance driven incentives, and unique professional development opportunities. The combination of compensation, benefits, and an entrepreneurial culture along with related experiences is key to recruiting and retaining talent. Our compensation system is designed to reward performance, support development and job growth, and compensate individuals relative to their contribution to our organization. The compensation for this position falls within the following range: $170,000-$200,000.
Visit our Careers page and apply online at www.nfg.com
Based in Hartford, CT, Nassau Financial Group is a growth focused and digitally enabled financial services company with three distinct and closely connected businesses: insurance, reinsurance, and asset management. Nassau was founded in 2015 and has grown to $1.5 billion in total adjusted capital and $23.7 billion in assets under management.
As part of a young and growing financial services enterprise, our employees are tapping into a new entrepreneurial spirit while they build on a long track record of putting customers first, understanding the evolving income and protection needs, and developing quality products to meet those needs.
Nassau provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.