Information Security Officer
Location
Pune | India
Job description
As our Chief Information Security Officer (CISO), you will have the opportunity to guide our information security and data privacy initiatives and support our growth utilizing your extensive experience, knowledge, expertise, and hands-on skills.
Experience required: 5 to 8 years
What you'll be doing:
- Design and develop an information security and data privacy program roadmap to align and scale with company growth
- Develop best practices and security standards for the organization including preparing and documenting standard operating procedures and protocols
- Lead security assessment and testing processes, including but not limited to penetration testing, vulnerability management, and secure software development
- Develop and extend security tooling and automation efforts across the organization
- Proactively identify security issues and potential threats and continuously build processes and design systems to watch for and protect against them
- Lead compliance activities including external audits, regulatory compliance projects, and overall information security reviews
- Communicate infosec and data privacy operational goals, direction, and business impact to stakeholders
- Interface with outside stakeholders including our customers, partners, compliance agencies, and regulatory and legal authorities
- Provide strategic risk guidance and consultation, including the evaluation and recommendation of technical standards and controls
- Establish and implement a process for incident management
Requirements:
- Proven 5+ years of information security management experience
- A bachelor's degree in computer science, cyber-security or a related field
- Certified Information Systems Security Professional (CISSP) accreditation and/or CISA is desirable.
- Proficiency in compliance implementation and management related to risk management frameworks including COBIT, ITIL, ISO27001/2, NIST and SOC2
- Experience in security assessment, cloud architecture, application threat modelling, policy writing
- Proficiency in compliance implementation and management
- Strong understanding and experience with Secure SDLC and DevSecOps or security automation
- Able to confidently engage with our customer's Data Privacy and Info Sec representatives
- Capable of understanding and communicating the business impact that infosec operations have on the organization
- Compliance skills in relation to key legislation such as the Health Insurance Portability & Accountability Act (HIPAA), the Sarbanes-Oxley (SOX) Act of 2002, Payment Card Industry (PCI), General Data Protection Regulation