We are seeking a Chief Information Security Officer (CISO) to oversee and safeguard our company’s information, cyber, and technology security.
The CISO will bear full responsibility for the development, implementation, and enforcement of security policies, procedures, and protocols, ensuring the protection of critical data.
As CISO, your role will involve working closely with our development and operations teams to identify, mitigate, and manage security risks and threats.
Responsibilities:
Team Management: Lead a team of Cyber Security Specialists, GRC Specialists, and an Application Security Engineer, overseeing Corporate IT, Governance, Risk and Compliance, Product Security (Production), and Development Security.
Strategic Execution: Develop and implement the company’s security, risk, and compliance strategy and roadmap.
Policy Development: Establish and uphold policies, procedures, and protocols supporting our security and IT compliance objectives.
Comprehensive Security Program: Design and implement a robust information security program that safeguards the company’s data, systems, and networks.
Risk Management: Evaluate and manage risks associated with the company’s products, services, and operations.
Operational Security: Oversee daily security operations, including incident response, readiness, and business continuity, while addressing vulnerabilities in our infrastructure and applications.
Security Assessments: Conduct regular security assessments and audits.
Vendor Management: Oversee the selection, evaluation, and implementation of vendor services and tools that enhance information security and compliance.
Training and Awareness: Create and deliver security training programs to educate employees on best practices.
Leadership and Expertise: Stay current with the latest security trends, technologies, and best practices, providing leadership to the enterprise’s information security efforts.
Collaboration and Education: Partner with business stakeholders to raise awareness of risk management, and lead security awareness training for employees, contractors, and partners.
Subject Matter Expertise: Serve as a subject matter expert to internal and external business professionals, ensuring alignment with strategic goals and roadmaps.
External Collaboration: Work with external security experts and stakeholders.
Technology Planning: Support overall business technology planning, offering insight into current and future technology and systems.
Global Leadership: Lead both local and global Governance, Risk, and Compliance initiatives.
Requirements:
Experience: Minimum of 10 years in information security, with at least 5 years in a leadership role.
Trusted Advisor: Proven experience as a trusted advisor to management, with a strong background in developing and implementing effective information security processes and methodologies.
Framework Knowledge: Deep understanding of security and control frameworks and standards such as NIST, ISO, SOC, HIPAA, HITRUST, FedRAMP, GDPR, or similar.
Communication Skills: Exceptional communication, interpersonal, and leadership abilities, with the capability to engage with staff at all levels to foster a security-focused culture across the company.
Cloud Experience: Experience with cloud platforms, particularly Azure and AWS, and a broad understanding of cloud security and monitoring technologies (e.g., WAF, DLP, IDS/IPS, IdAM, Certificate Management, SIEM, Endpoint Protection, Anti-malware, patch, and vulnerability management).
Sector Experience: Experience in the global technology sector, with SaaS or applications experience preferred.
Certifications: Professional security management certifications, such as CISSP, CISM, or CISA.
Innovative Leadership: Demonstrated ability to lead and inspire cross-functional, interdisciplinary teams.
Language Proficiency: Excellent verbal and written English communication skills.
This position is open to all candidates.