Chief Information Security Officer
Galent
Chief Information Security Officer (CISO)
We are looking for a Chief Information Security Officer (CISO) to join our growing team.
Role: Chief Information Security Officer (CISO)
Location: Dallas, TX
The CISO will be responsible for establishing, implementing, and maintaining the organization’s information security strategy. This role ensures the protection of company data, systems, and infrastructure against cyber threats while aligning security initiatives with business objectives.
The CISO will directly own enterprise IT security, internal security operations, and overall cyber risk posture for the organization.
Key Responsibilities
Strategic Leadership
· Develop and execute a comprehensive enterprise cybersecurity strategy
· Align security initiatives with business goals and risk appetite
· Advise executive leadership on security risks and mitigation plans
· Extend the enterprise security strategy to include AI / Generative AI risk management, covering emerging areas like LLMs, agentic frameworks and intelligent automation systems
· Incorporate evolving guidance from frameworks such as the NIST AI Risk Management Framework
· Own and provide executive leadership for threat detection, incident response, and vulnerability management delivered through internal IT teams.
· Conduct regular risk assessments and penetration testing
· Establish disaster recovery and business continuity plans
· Ensure compliance with industry standards and regulations (ISO 27001, NIST, GDPR, etc.)
· Develop and enforce security policies, procedures, and controls
· Lead internal and external security audits and remediation tracking
Technology & Infrastructure Security
· Oversee security architecture including IAM, SIEM, endpoint protection, and cloud security
· Evaluate and implement security tools and technologies
· Monitor emerging threats and adapt enterprise defenses accordingly
· Promote a culture of security awareness across the organization
· Conduct employee training and awareness programs
Stakeholder Management
· Collaborate with IT, legal, compliance, and business units to embed security across enterprise operations.
· Act as the primary point of contact for security incidents
· Report security posture to senior leadership
Governance, Risk Management & Compliance
· Lead enterprise security strategy for internal AI / Generative AI usage, including LLMs, AI-assisted tools, and automation platforms used across business functions, ensuring governance and risk oversight
· Define and enforce AI governance policies for internal adoption, covering data usage, access control, model consumption, and third-party AI platforms
· Align AI security posture with enterprise risk frameworks and regulatory standards (NIST AI RMF, ISO, GDPR, EU AI Act, etc.)
· Establish and operationalize security guardrails for AI consumption, including prompt safety, input/output controls, access management, and secure integrations across enterprise systems
· Monitor and mitigate AI-specific risks within enterprise usage, including prompt injection, data leakage, model misuse, bias exposure, and compliance violations
Client Assurance, RFP & Market Engagement
· Lead security responses for RFPs, RFIs, and client due diligence processes.
· Provide authoritative responses on AI security, data protection, and model risk
· Support large deals through direct client interactions, security briefings, and trust discussions with client stakeholders
· Advise clients on AI security, governance, and risk management best practices
· Support client AI risk assessments and security evaluations
· Develop reusable security artifacts (policies, whitepapers, AI risk frameworks) to support sales enablement and client assurance
Required Qualifications
· Bachelor’s or Master’s degree in Computer Science, Information Security, or related field
· 15+ years of experience in information security, with 5+ years in leadership roles
· Strong knowledge of cybersecurity frameworks and standards
· Experience in risk management, compliance, and incident response
Preferred Certifications
· CISSP (Certified Information Systems Security Professional)
· CISM (Certified Information Security Manager)
· CISA, CEH, or equivalent.