Background:
The development of a cybersecurity shared services JCORE Community Secure Shared Services Alliance (JCORE, www.jcore.ca) will be created through practices and programs, based on projects that are prioritized and approved through the membership of the JCORE Federation. Key to development of projects designed to substantially reduce cybersecurity risks is provisioning content expertise available to assist all members.

The first shared service to be undertaken by JCORE is to establish a shared cybersecurity service with the appointment of a Chief Information Security Officer (CISO). One of the main deliverables for the CISO will be to deliver a JCORE cybersecurity roadmap.

A comprehensive community-wide cybersecurity roadmap offers several benefits for organizations of all sizes. Here are some of the key advantages:

● Membership wide Expertise: A CISO expert available to members to review and provide strategic direction towards addressing cybersecurity vulnerabilities within their organization.
● Enhanced Risk Management: A roadmap to identify and assess potential security risks, allowing member organizations to prioritize resources and address the most critical threats. This proactive approach minimizes the impact of cyberattacks.
● Streamlined Implementation: A roadmap to create a structured plan for implementing security measures. This ensures a logical and efficient approach, reducing gaps and redundancies in the security infrastructure of JCORE member organizations.
● Improved Preparedness: By anticipating future threats, a roadmap allows member organizations to develop strategies to respond effectively to security incidents. This minimizes downtime and ensures business continuity.
● Better Budget Allocation: A roadmap helps prioritize security investments, allowing you to allocate resources towards the most impactful measures. This ensures JCORE member organizations get the most value from their cybersecurity budget.

The CISO will be an expert cybersecurity resource to assist member organizations of JCORE, in coordination with their own IT staff, with critically important cybersecurity services including, but not limited to:

● Conduct cybersecurity risk assessments, including vulnerability tests.
● Develop, implement, and maintain the member organization’s strategic information security program.
● Oversee the development and enforcement of security policies, procedures, and standards across all member organizations.
● Manage security awareness and training programs for members’ staff.
● Lead an incident response process in the event of a security breach.
● Deliver a roadmap for cybersecurity shared services, with prioritized, scalable deliverables and a budget to reduce cybersecurity risks across member organizations.

Given the scope of work to be undertaken, it is expected this will be a permanent full-time position.

About the Role
The Chief Information Security Officer (CISO) is a vital leadership role responsible for developing, implementing, and ongoing management of a comprehensive cybersecurity program to safeguard the JCORE Community Secure Shared Services Alliance and its member organizations' critical information assets. The CISO, who will be hired and receive full benefits through the Jewish Federation of Greater Vancouver (JFGV), will oversee all aspects of information security, ensuring the confidentiality, integrity, and availability of data across the JCORE Community Secure Shared Services Alliance and its member organizations, including the JFGV.

Responsibilities
● Develop, implement, and maintain a strategic information security program aligned with industry best practices and regulatory frameworks.
● Oversee and/or conduct security risk assessments and implement controls to mitigate identified vulnerabilities.
● Guide member organizations with their cybersecurity requirements.
● Oversee the development and enforcement of security policies, procedures, and standards.
● Manage security awareness and training programs for staff across the JCORE Community Secure Shared Services Alliance and its member organizations.
● Assemble an incident response team and lead the incident response process in the event of a security breach.
● Collaborate with IT teams to ensure the secure design and implementation of technology systems.
● Stay abreast of evolving cybersecurity threats and trends and implement appropriate safeguards.
● Communicate effectively with senior management and member organizations on security risks and mitigation strategies.
● Develop, present and oversee the financial budget for all expenditures and advocate for necessary resources, ensuring alignment with JCORE goals and objectives.

Qualifications
● Minimum 7-10 years of experience in information security, with a proven track record of success in leading and managing security programs.
● Demonstrated leadership and organizational skills.
● Professional certifications in cyber security (e.g., ISC2 CCISP, ISACA CISM, or EC Council CCISO).
● In-depth knowledge of cybersecurity best practices and globally adopted frameworks (e.g., NIST Cybersecurity Framework, ISO 27001), and Canadian Centre for Cyber Security Baseline Controls.
● Experience in conducting security risk assessments and implementing security controls.
● Excellent communication, collaboration, and interpersonal skills.
● Strong understanding of the Jewish Community, non-profit sector, and their unique security challenges is an asset.