Job Description
Overview ABOUT ENTERPRISE MANAGEMENT: Enterprise Management Solutions, Inc. (Enterprise) is a full-spectrum administrative and operational management firm headquartered in Baltimore, Maryland. We provide contracted infrastructure support to independently governed organizations in sectors such as behavioral health, primary care, supportive housing, food service, commercial real estate, and nonprofit development. Enterprise does not own or govern the organizations we serve. Instead, we operate as a trusted administrative services provider under formal contractual agreements, offering high-level back-office services that allow our clients to focus on mission execution and program delivery.
Our scope of service includes:
Comprehensive fiscal systems and multi-entity accounting
Human resource infrastructure and staff onboarding
Legal compliance and audit readiness
Technology integration and IT systems governance
Organizational growth planning and fiscal sustainability analysis
Federal and state grant compliance, budget monitoring, and reporting
Financial and operational performance dashboards
CEO- and executive-level strategy support
Our goal is to relieve mission-driven companies of administrative burden by overseeing financial and operational systems that allow leadership teams to focus on quality care and innovation.
DISCLOSURES: The specific statements shown in each section of this job description are not intended to be all-inclusive. They represent typical elements and criteria considered necessary to perform the job successfully. The job’s responsibilities/tasks may be modified and/or expanded over time. Company will inform the personnel member when changes in the respective job description are made.
COMPANY WEBSITE:
COMPANY PHONE NUMBER: (667) 309-5345
HUMAN RESOURCES PHONE NUMBER: (667) 309-5345 ext. 10
Position and Employment Details POSITION TITLE: Chief Information Security Officer (CISO)
ALTERNATE TITLE(S): Chief Cybersecurity Officer (CCSO), Chief Security Officer (CSO – Cybersecurity), Senior Cybersecurity Executive
COMPANY: Enterprise Management Solutions, Inc. (in support of all customer companies under contract)
DIVISION: Technology & Information Security
DEPARTMENT: n/a
UNIT: n/a
BENEFITS PACKAGE: In addition to hourly wages, eligible employees may receive a comprehensive benefits package that includes:
Paid Time Off (PTO)
Family and Medical Leave
Health, Medical, and Dental Insurance Reimbursement or health insurance coverage, as available
Supplemental Health and Disability Insurance Options
Retirement Savings Plan
Professional Development Support and Continuing Education Opportunities
WORK SCHEDULE: Two days per week, 8:00 AM – 5:00 PM (daily lunch break from 12:00 PM – 1:00 PM)
ACCOUNTABLE TO: Chief Executive Officer (COO, in absence of CEO)
ACCOUNTABLE FOR: Oversight of cybersecurity strategy, data protection, regulatory compliance, and the supervision of all information security systems, personnel, and vendors across all affiliated companies. This role is responsible for ensuring uninterrupted cybersecurity operations, incident response readiness, and cross-training protocols to protect critical client and company assets.
CLASSIFICATION: W-2 employee; part-time hourly
COMPENSATION RANGE: Ranges between $55.00 per hour to $90.00 per hour, and is commensurate with experience, expertise, verified credentials, and available company budget.
ANTICIPATED TRAVEL: Up to 10% of the time (interoffice and site-based meetings)
WORKPLACE POLICY: This is a 100% in-office role at Baltimore HQ, two days per week. Remote work or telework is prohibited unless explicitly pre-approved in writing by the CEO.
SUMMARY OF POSITION RESPONSIBILITIES: The Chief Information Security Officer (CISO) serves as the organization’s highest-ranking cybersecurity executive, responsible for designing, implementing, and maintaining a resilient information security program that safeguards company and client systems against internal and external threats. The CISO oversees all areas of cybersecurity including policy development, risk management, threat detection, incident response, and compliance with federal and state regulations (HIPAA, HITECH, GDPR, SOC2, PCI-DSS, NIST, and others as applicable).
This role also ensures that Enterprise delivers all contracted Information Security, IT Governance, and Cybersecurity Risk Management services to affiliated entities, protecting sensitive healthcare, housing, financial, and client records. The CISO plays a critical role in aligning technology security with enterprise goals, while proactively mitigating risks across all operational areas.
SCHEDULED DUTIES AND RESPONSIBILITIES:
Cybersecurity Strategy & Leadership: Develop and execute a company-wide cybersecurity program aligned with business and client requirements; translate the CEO’s strategic vision into measurable, risk-based security initiatives; conduct long-term security planning, including disaster recovery and business continuity.
Risk Management & Regulatory Compliance: Ensure strict compliance with HIPAA, HITECH, GDPR, SOC2, PCI-DSS, NIST, and state regulations; perform enterprise-wide risk assessments and vulnerability scans; maintain and update incident response, breach notification, and audit readiness protocols.
Threat Monitoring & Incident Response: Direct the Security Operations Center (SOC) or equivalent vendor-managed services; oversee intrusion detection, SIEM monitoring, log review, and malware defense; lead incident response, forensic investigation, and breach communication with executive leadership.
Identity, Access, and Data Security: Manage identity and access management systems, including MFA and privileged access controls; oversee endpoint, mobile device, and server security configurations; ensure encryption, secure backups, and data loss prevention across all platforms.
Vendor & Third-Party Oversight: Review vendor contracts, security certifications, and compliance attestations; establish standards for secure integration with external technology providers; lead vendor risk management and third-party security audits.
Internal Policies & Training: Develop internal cybersecurity policies, acceptable use guidelines, and SOPs; deliver quarterly staff training on phishing, ransomware, and cybersecurity awareness; conduct simulated incident drills and security tabletop exercises.
Collaboration & Executive Support: Advise the CEO and COO on cybersecurity risks and budget needs; partner with CFO, HR, and Operations Managers to ensure cross-department compliance; provide security briefings to the Board of Directors and client executives.
UNSCHEDULED DUTIES AND RESPONSIBILITIES:
Respond to emergent cybersecurity threats or system alerts.
Support investigations of insider threats, fraud, or data misuse.
Participate in interdepartmental workgroups to integrate new systems securely.
Maintain active knowledge of evolving threats, ransomware tactics, and industry best practices.
Lead recovery efforts in the event of a cyber-attack or natural disaster affecting IT infrastructure.
PHYSICAL DEMANDS:
Prolonged periods sitting at a desk and working on a computer.
Occasional lifting up to 25 pounds.
WORKING CONDITIONS:
Cross-functional collaboration with executives and technical staff.
100% in-office role at Baltimore HQ (two days per week, no remote or hybrid unless CEO approved).
Travel up to 10% may be required for audits, client meetings, or incident response.
Must be available during scheduled hours with flexibility for emergent needs.
COMPETENCIES AND SKILLS:
Visionary leadership with deep technical and cybersecurity acumen.
Expertise in risk management, incident response, and compliance frameworks.
Skilled in cloud security (AWS, Azure, Google Cloud), SaaS protection, and on-premises systems.
Strong command of cybersecurity frameworks: NIST CSF, ISO 27001, COBIT.
Familiarity with healthcare IT and HIPAA/HITECH security requirements.
Effective communicator able to brief executives and train staff.
Demonstrated ability to lead multidisciplinary teams and manage security vendors.
LEVEL OF EDUCATION / TRAINING / QUALIFICATIONS:
Master’s degree in Cybersecurity, Computer Science, or Information Technology (required).
Certified Information Systems Security Professional (CISSP) in good standing (required).
Additional certifications (CISM, CISA, CCSP, CRISC) strongly preferred.
Minimum 8–10 years of progressive cybersecurity leadership experience, with at least 5 years in a senior or CISO role.
Experience overseeing security in healthcare, housing, financial, or government environments strongly preferred.
Demonstrated track record of regulatory compliance, successful incident response, and enterprise-level security program development.
#J-18808-Ljbffr Enterprise Mangement Solutions Inc
Job Tags
Hourly pay, Contract work, Part time, Work at office, Remote work, 2 days per week,