Information Security Officer

About Us: Invimatic is committed to delivering high-quality services while ensuring the security and privacy of our clients and their customers data. We are looking for a strategic and experienced Information Security Officer to lead our information security initiatives and drive SOC 2 compliance across the organization.

Job Summary: The Chief Information Security Officer (CISO) will be responsible for developing, implementing, and managing a comprehensive information security program that ensures the Security, confidentiality, integrity, privacy and availability of our customers data. The CISO will play a critical role in guiding the organization through the SOC 2 compliance process, ensuring that all necessary controls are established and maintained to meet SOC 2 standards.

Key Responsibilities:

1. Strategy Development:
2. Develop and implement an information security strategy aligned with the company s goals and objectives.
3. Establish a road-map for achieving SOC 2 compliance and continually assess compliance against SOC 2 criteria.
4. Policy and Procedure Creation:
5. Create and enforce information security policies, procedures, and standards to ensure compliance with SOC 2 requirements.
6. Ensure the policies are regularly updated and communicated to all employees.
7. Risk Management:
8. Identify, assess, and mitigate information security risks related to company operations and data management.
9. Conduct regular risk assessments and audits to evaluate the effectiveness of security controls.
10. Team Leadership:
11. Lead the information security team, fostering a culture of security awareness and compliance throughout the organization.
12. Provide guidance and mentorship to team members in implementing security best practices.
13. Stakeholder Collaboration:
14. Work closely with executive leadership, IT, legal, and compliance teams to ensure alignment on security initiatives and SOC 2 compliance efforts.
15. Serve as the primary point of contact for internal and external stakeholders regarding security and compliance matters.
16. Training and Awareness:
17. Develop and implement a security training and awareness program for all employees to promote a culture of security.
18. Incident Response and Management:
19. Oversee the incident response plan and ensure timely and effective responses to security incidents.
20. Lead post-incident analysis to identify areas for improvement and prevent future occurrences.
21. Continuous Improvement:
22. Stay informed about industry trends, threats, and regulatory changes that may impact information security and compliance.
23. Continuously evaluate and improve the organization s information security posture and compliance with SOC 2 standards.

Qualifications:

• Bachelor s degree in Information Security, Computer Science, or a related field; Master s degree preferred.
• Minimum of 6-10 years of experience in information security, with a focus on compliance (SOC 2 preferred).
• Proven experience in implementing and managing security frameworks and compliance programs.
• Strong understanding of SOC 2 requirements and best practices.
• Relevant certifications such as CISM, CISSP, or CISA are highly desirable.
• Excellent leadership, communication, and interpersonal skills.