Chief Information Security Officer

‍Who We Are

Renovo Financial is a dynamic and fast-growing private lender and mortgage servicer based in Chicago, dedicated to partnering with real estate investors who acquire and renovate single and multi-family residential properties. We take pride in delivering exceptional support to our clients, guiding them seamlessly from loan application to pay off with a commitment to unparalleled service. Our focus on reliability and a “win-win” approach has earned us an industry-leading repeat and referral rate, reflecting the strong relationships we build with our clients.

Position Summary

We are seeking a Fractional Chief Information Security Officer (CISO) to provide executive-level leadership and strategic direction for our cybersecurity program. This role will serve as a trusted advisor to Renovo’s leadership team, helping shape and oversee our information security posture while balancing the flexibility and scalability of a fractional engagement. The Fractional CISO will develop and maintain a cybersecurity strategy aligned with business objectives, oversee risk management, guide incident response, and ensure compliance with relevant regulations. This individual will help shape the future of the Cybersecurity team at Renovo Financial. This is a Contract Role.

Responsibilities

Cybersecurity Strategy and Governance

• Develop and implement a comprehensive cybersecurity strategy aligned with Renovo’s business goals.
• Maintain and evolve Renovo’s Security Policy, Disaster Recovery, and Business Continuity Plans.
• Define security KPIs and present regular program updates to executive leadership and the board.
• Own and manage the cybersecurity budget, allocating resources for maximum impact.

‍Risk Assessment, Mitigation, & Compliance

• Identify, evaluate, and mitigate cybersecurity risks, including assessing the security of information systems and networks, identifying vulnerabilities, and developing remediation plans
• Stay up to date on the latest cybersecurity threats, trends, industry best practices, and technologies, and make recommendations for new security measures as needed‍

Security Architecture and Controls

• Lead the design, implementation, and maintenance of cybersecurity controls and technologies, including firewalls, intrusion detection/prevention systems, encryption, access controls, and network security
• Strengthen identity & access management, network security, encryption, and endpoint protection capabilities.
• Partner with IT and engineering teams to embed security into architecture and development lifecycles.
• Maintain and implement new policies and procedures that ensure the confidentiality, integrity, and availability of information systems and networks.

Incident Response and Remediation

• Lead incident response efforts in the event of a cybersecurity incident, including coordinating with other departments and external stakeholders, conducting investigations, and implementing remediation measures.

Training and Awareness

• Conduct cybersecurity awareness and training programs for employees to promote a security-conscious culture within the organization
• Provide cybersecurity expertise and guidance to other departments and employees, including training and education on cybersecurity best practices
• Serve as a trusted advisor to leaders and employees, enabling them to make secure decisions.
• Build and sustain a security-first culture across the company through awareness and training programs.

Stakeholder and Vendor Management

• Develop and maintain strong relationships with stakeholders across the organization, serving as a trusted advisor and technology expert
• Manage relationships with external vendors, consultants, and security service providers to ensure the effective delivery of cybersecurity services
• Prepare and present regular reports to executive management on the company's cybersecurity status, incidents, and remediation efforts

Leadership & People Development

• Manage and lead a team of cybersecurity professionals, including hiring, training, and development
• Enable/disable credentials for new hires and exiting employees.
• Manage vendor relationships and oversee security service providers to ensure effective delivery.

Be the Culture

• Bring Renovo’s values to life through your actions, choices, and commitment to a shared purpose

What We Look For

• Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
• 15+ years of progressive experience in cybersecurity, with prior executive/leadership roles (CISO, Deputy CISO, or equivalent).
• Demonstrated success building and leading cybersecurity programs in financial services or other regulated industries.
• Deep expertise in risk management, governance, compliance, vulnerabilities, and incident response.
• Relevant industry certifications (CISSP, CISM, CRISC, or equivalent) preferred.
• In-depth understanding of network security, operating systems, and cloud infrastructure security
• Strong knowledge of cybersecurity frameworks, standards, and best practices (e.g., NIST Cybersecurity Framework, CIS Controls, ISO 27001).
• Experience in designing and implementing effective cybersecurity solutions, strategies, policies, and procedures.
• Excellent communication and interpersonal skills, with the ability to effectively communicate technical information to non-technical stakeholders.
• Strong leadership skills, with the ability to manage and motivate a team of cybersecurity professionals.
• Relevant industry certifications (e.g., CISSP, CISM, CRISC) preferred.
  

How to Apply

Note: This is a syndicated job post, meaning it was not posted to Fractional Jobs directly, so we don't have control over the application process. To apply, click on the "View Application" and follow the application's instructions.

‍