Chief Information Security Officer (CISO) REF-J01-493

Job Description

Job Summary: The Chief Information Security Officer (CISO) is responsible for establishing and maintaining an enterprise-wide information security program to ensure the confidentiality, integrity, and availability of information assets. The CISO will lead efforts to safeguard the organization’s data, systems, and networks against cyber threats while aligning security initiatives with business objectives and regulatory requirements.

Key Responsibilities:

Strategic Leadership

  • Develop, implement, and maintain an information security strategy aligned with organizational goals and product roadmap.
  • Establish security policies, standards, and frameworks that mitigate risk while enabling innovation and growth.
  • Communicate cybersecurity risks, plans, and strategies to the executive team and board of directors.
  • Collaborate with the business leader and the Training organization to support employee training and development initiatives, promoting continuous learning and skill enhancement.
  • Actively engage with external stakeholders to identify data security expectations, market and industry trends in order to secure the Company’s position as the industry leader in cybersecurity.

Risk Management and Compliance

  • Work closely with the Engineering and Product teams to identify and execute leading data security processes and strategies.
  • Conduct regular risk assessments and implement strategies to address vulnerabilities.
  • Ensure compliance with relevant laws, regulations, and standards such as GDPR, OWASP, NIST, SOC or ISO 27001.
  • Oversee audits, penetration testing, and security reviews.
  • Develop and implement the processes for minimizing the client data stored by the Company.
  • Implement automated processes for the identification and enforcement of the applicable data retention processes.
  • Develop and implement strategies for mitigating end-user-related vulnerabilities (e.g. social engineering, malicious actions).

Incident Management

  • Develop and lead incident response plans to manage and mitigate the impact of security breaches.
  • Oversee forensic investigations and root cause analyses following security incidents.

Technology Oversight

  • Evaluate, implement, and manage advanced security technologies, including firewalls, intrusion detection systems, and encryption.
  • Monitor emerging threats and adopt solutions to address evolving risks.

Team Leadership and Development

  • Recruit, mentor, and lead a team of cybersecurity professionals.
  • Foster a culture of security awareness across the organization, providing training and resources to employees.

Vendor and Partner Management

  • Assess third-party vendors and partners for security risks and compliance.
  • Ensure secure integration and collaboration with external entities.

Qualifications:

Education and Experience

  • Bachelor’s degree in Information Security, Computer Science, or a related field (Master’s preferred).
  • 10+ years of experience in information security, including at least 5 years in a leadership role.

Skills and Competencies

  • Deep understanding of cybersecurity frameworks (e.g., NIST, ISO 27001).
  • Strong knowledge of risk management, compliance, and regulatory standards.
  • Proven ability to lead cross-functional teams and communicate technical concepts to non-technical stakeholders.
  • Expertise in security technologies such as SIEM, IDS/IPS, and DLP.

Certifications (Preferred)

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Ethical Hacker (CEH)
  • GIAC Security Expert (GSE)

Key Attributes:

  • A strategic and forward-thinking approach to cybersecurity challenges.
  • Strong decision-making skills under pressure.
  • Ability to balance business needs with security requirements.

Qualifications / Skills

Minimum Requirements for Candidates

  • Bachelor’s degree in Information Security, Computer Science, or a related field (Master’s preferred).
  • 10+ years of experience in information security, including at least 5 years in a leadership role.
  • Deep understanding of cybersecurity frameworks (e.g., NIST, ISO 27001).
  • Strong knowledge of risk management, compliance, and regulatory standards.
  • Proven ability to lead cross-functional teams and communicate technical concepts to non-technical stakeholders.

Expectations for Ideal Candidates

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Ethical Hacker (CEH)
  • GIAC Security Expert (GSE)
  • Expertise in security technologies such as SIEM, IDS/IPS, and DLP.

Responsibilities

  • Develop, implement, and maintain an information security strategy aligned with organizational goals and product roadmap.
  • Establish security policies, standards, and frameworks that mitigate risk while enabling innovation and growth.
  • Communicate cybersecurity risks, plans, and strategies to the executive team and board of directors.
  • Collaborate with the business leader and the Training organization to support employee training and development initiatives, promoting continuous learning and skill enhancement.
  • Actively engage with external stakeholders to identify data security expectations, market and industry trends in order to secure the Company’s position as the industry leader in cybersecurity.
  • Work closely with the Engineering and Product teams to identify and execute leading data security processes and strategies.
  • Ensure compliance with relevant laws, regulations, and standards such as GDPR, OWASP, NIST, SOC or ISO 27001.
  • Oversee forensic investigations and root cause analyses following security incidents.
  • Evaluate, implement, and manage advanced security technologies, including firewalls, intrusion detection systems, and encryption.
  • Recruit, mentor, and lead a team of cybersecurity professionals.

Required Documents

  • Updated CV

Closing: 25.02.2025