As our chief information security officer (CISO), you will be responsible for strengthening the firm’s information security posture through governance, risk assessments, incident reporting, and effective strategic planning. Reporting to the chief information officer, you will create a strategic information security plan and present your ideas to Commonwealth’s executive stakeholders.
You will use your solid understanding of information security frameworks and best practices established by NIST, ISO, COBIT, and COSO to lead the firm’s information security program. A strong understanding of regulatory expectations regarding cybersecurity, protecting sensitive information, mobile device management, vendor management, application development, and data loss prevention is a must.
- Implementing and governing information security policies, guidelines, and procedures spanning the enterprise
- Creating an enterprise-wide action plan to protect company and client information, monitor cyber threats, and manage information security incidents
- Leading the effort to clearly define, implement, and maintain security controls that comply with federal and state regulations
- Collaborating with Commonwealth’s executive team and Enterprise Risk Management to identify risk gaps and strengthen controls, procedures, and protocols
- Establishing mechanisms to monitor and report on unauthorized system access, network security gaps, tampering with physical IT assets, and global cyber threats
- Providing security technical direction to the Infrastructure and Information Security teams
- Working with Technology teams to identify and implement solutions
- Acting as the champion for the enterprise information security program, as well as for the allocation of resources, to ensure its success
- Serving as a subject matter expert and key contributor during meetings with IT, the Risk Management committee, and Privacy committee
- Mentoring and managing a staff of information security professionals to ensure that business objectives are met
- Managing the development and deployment of information security training modules via online, home office, and/or Commonwealth events
- Presenting on key cybersecurity-related topics during Commonwealth conferences and in-house training events
- Authoring articles to be published in the Commonwealth Business Review, focusing on best practices and tips to strengthen advisor office information security controls
- Presenting on security topics to advisor and client audiences
- Ability to influence decision makers through collaboration, education, and working partnerships
- Keen understanding of industry best practices and regulatory expectations regarding information security protocols, procedures, and processes
- Skilled at creating strategic plans spanning many years and managing projects to implement those plans
- Strong technical acumen working with technical architecture, infrastructure, application development, and security teams
- Strong vendor management skills
- Effective organizational and time management skills
- Ability to solve complex problems in a timely manner by working with multiple stakeholders
- Exceptional ability to clearly define and present complex scenarios and issues to the executive team
- Strong leadership, management, and teamwork skills, demonstrated by working collaboratively with seasoned information security personnel and the company as a whole
- Strong written communication and presentation skills
- Ability to excel in high-pressure situations
- Exceptional project management skills
Additional skills and knowledge
- Bachelor’s degree in computer science or information systems management, or equivalent experience
- Master’s degree in an information security-related field and/or Certified Information Systems Security Professional (CISSP) certification (or other equivalent certifications) preferred
- 7–10 years of related experience in a leadership information security role
- Strong knowledge of ISO 27001, COBIT, NIST, COSO, and regulatory standards pertaining to information security
Have we piqued your curiosity? Can you see yourself thriving in this opportunity? Let’s introduce ourselves.
About Commonwealth—and Our Anything but Common® Culture
Commonwealth Financial Network® is the largest privately held Registered Investment Adviser–independent broker/dealer in the U.S., with offices in Waltham, Massachusetts, and San Diego, California. Since 1979, we’ve been delivering indispensable service to independent financial professionals so they, in turn, can put their clients first. Our technology, research, resources, and support—plus a variety of affiliation models—deliver what today’s independent advisors need to thrive.
That being said, we are a financial services company with a unique mission—one that encompasses purpose, vision, and core values in equal measure. Staying true to these guiding principles is the reason we are recognized so often and by so many for the quality of life we enjoy here. We believe it directly translates to a better experience for everyone: employees, advisors, clients, and our communities.
Creating a supportive culture where everyone can thrive is a mission we take seriously. From professional development to comprehensive benefits, grassroots leadership opportunities, generous bonus and stock option incentive plans, opportunities to unwind and connect, and so much more, Commonwealth is not just a great place to work—it’s a place that, for many, feels like home.
Commonwealth Financial Network® is an equal opportunity employer that is committed to a diverse workforce.
We care about your online safety as a prospective employee and encourage you to exercise caution when responding to job postings online. Commonwealth Financial Network® will never ask potential hiring candidates to pay or transfer funds as a precondition of interviews or employment, nor will we authorize recruiters or agents to do so on our behalf.