Develop, implement, and monitor a strategic, comprehensive information security program to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy, and recovery of information assets owned, controlled and/or processed by the client’s organization.

Guide, direct and advise the organization on an ongoing basis to manage day-to-day enterprise security, risk management and enterprise governance. Work throughout the organization to set service framework and general policies, and ensure these are being utilized and audited. Continuously monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.

Provide direction, insight and recommendations for investments in people, systems and tools relative to enterprise security, compliance and regulatory requirements.

Provide recommendations on activities to deliver on approved strategies.

Ongoing oversight of enterprise security, organizational compliance and fulfillment of critical regulatory requirements. Develop and execute procedures, processes and key performance indicators (KPIs) to provide a clear view of performance and achievement. Additionally, oversee technology dependencies outside of direct organization control, including reviewing contracts and the creation of alternatives for managing risk.