Chief Information Security Officer (16-25 yrs)

CISO - Chief Information Security Officer

Roles & Responsibilities:

- Develop and execute a comprehensive information security strategy aligned with the organization's goals and regulatory requirements.

- Advise the organization and teams on information security risks, trends, and best practices.

- Establish and maintain the company's cybersecurity policies, standards, and procedures.

- Define and enforce a risk management framework to address emerging threats and vulnerabilities.

- Manage the company's security posture, including risk assessments, audits, and compliance initiatives.

- Managing and monitoring SOC and drive cyber security related projects.

- Conduct and complete an annual review of required PCIDSS, ISO 27001 regulations and certification.

- Conducting risk assessment and security reviews of new applications and initiatives and recommendation to mitigate risk.

- Ensuring that periodic tests are conducted to evaluate the adequacy and effectiveness of technical security control measures, especially after each significant change to the IT applications/ systems/ networks as well as after any major incident.

- Ensuring regulatory and non-regulatory compliance on IT Governance and Cyber Security within stipulated timelines.

- Develop Information security awareness training and education program.

- Perform regular audits to ensure security practices are compliant.

- Ensure personnel only have access to the sensitive information for which they have appropriate authority and clearance.

- Ensure controls in place against unauthorized access to workstations and related equipment.

- Set the access and authorization controls for everyday operations as well as emergency procedures for data.

Applicants should possess the following attributes:

- Extensive experience in information security leadership roles, with a proven track record of strategic planning and execution.

- Deep understanding of regulatory standards and frameworks, including PCIDSS, ISO 27001, GDPR, and others.

- Hands-on expertise in cybersecurity technologies such as SIEM, SOAR, UEBA, TIP, and advanced threat detection systems.

- Strong background in risk management, governance, and compliance across diverse IT environments.

- Familiarity with emerging technologies, including AI, ML, and blockchain, and their implications on cybersecurity.

- Exceptional communication skills with the ability to present complex security topics to executive leadership and stakeholders.

- Certifications such as CISSP/ CISM/ CISA, or equivalent are preferred.