Job Description
Company: Cherry Bekaert
Location: Nashville, US
About the position
Cherry Bekaert is seeking a Chief Information Security Officer (CISO) to shape and execute a strategic security vision that positions us as an industry leader. This is your opportunity to transform security into a business enabler while safeguarding our clients, people, and data.
Responsibilities
• Develop and execute a forward-thinking cybersecurity strategy aligned with Cherry Bekaert’s business goals and digital transformation initiatives.
• Design, implement, and maintain a comprehensive information security framework—including policies, procedures, and controls—across all technology platforms and business processes.
• Lead and inspire the firm’s cybersecurity team, fostering a culture of security awareness, accountability, and continuous improvement.
• Collaborate closely with the CIO, the Infrastructure, Data, and Operations teams, and other C-suite executives to embed security into all technology and business decisions.
• Assess and manage information security risks through a detailed risk register and effective mitigation strategies.
• Oversee incident response and business continuity planning for rapid, coordinated responses to security breaches or disruptions.
• Stay current on emerging cybersecurity threats and technologies; implement innovative solutions to strengthen the firm’s security posture.
• Ensure compliance with industry regulations and standards (CMMC, GDPR, CCPA, NIST, ISO 27001, SOC 2) and lead audits and assessments.
• Provide clear, actionable reports to executive leadership and the board on security status, risks, and strategic initiatives.
• Build strategic partnerships with clients, vendors, and industry peers to position Cherry Bekaert as a recognized thought leader in cybersecurity.
Requirements
• Bachelor’s degree in Computer Science, Information Security, or related field.
• CISSP, CISM, or CRISC (or equivalent) certifications.
• 10+ years in information security strategy roles, including 5+ years in senior leadership.
• Deep technical expertise in cybersecurity principles, frameworks, and best practices.
• Strong regulatory compliance knowledge (CMMC, GDPR, CCPA, NIST, ISO 27001, SOC 2).
• Proven success in enterprise-wide security strategy development and execution.
• Exceptional leadership and team management skills with a focus on accountability and continuous improvement.
• Excellent communication skills for technical and non-technical audiences, including executives and boards.
• Expertise in risk management, incident response, and business continuity planning.
• Ability to collaborate and influence across C-suite and cross-functional teams.
• Commitment to innovation and continuous improvement in security practices.
• Business acumen to transform security from a cost center into a strategic differentiator.
Benefits
• Annual bonus
• Medical
• Dental
• Vision care
• Disability and life insurance
• Generous Paid Time Off
• Retirement plans
• Paid Care Leave
Source: Teal