CYE is looking for a CISO as a Service to join our Cyber Architecture team within the Critical Cyber Operations Group. In this role you will be acting as the principal cyber security authority for our clients, leading their security strategic plan according to risk analysis, and overall raising their security posture. You will serve as their first line of defense against the ever evolving cyber threat landscape.

Responsibilities

• Lead all security related operations and strategic planning for our clients. He/she will serve as focal point for all security related queries, concerns and incidents and will strive to strengthen their security posture
• Perform Risk analysis on customers’ entire infrastructure and organization, determine needed security controls and manage the residual risk
• Identify organizational assets, and verify they are effectively and consistently protected
• Lead security related efforts with both top-tier management and technical savvy personnel
• Create a tailored security plan and policies for each client
• Develop methodologies to be implemented across our clients
• As part of the Cyber-architecture team, perform architectural reviews on designed or deployed environments, identify security flaws and recommend mitigation plans
• Research and advocate for new security solutions and technologies

Qualifications

• 3+ years of experience as CISO or CISO as a Service in a global organization, including demonstrated ability to design and execute security program initiatives
• Experience with Cyber Risk Management
• An excellent understanding of security standards and best practices e.g., SOC2, ISO27001, ISO 27018 etc., as well as Familiarity with Data Protection Act (2018), GDPR
• Experience with budget planning and overseeing complexed cyber security initiatives.
• Knowledge Of cloud environments – AWS, Azure, GCP– A significant advantage
• Knowledge Of Securing SaaS solutions –A significant advantage
• Deep understanding of Microsoft IT infrastructure i.e., AD, GPO, protocols
• Knowledge of security controls e.g., AV, EDR/XDR, DLP, Device control etc.
• Experience with implementing security monitoring procedures & systems (SOC, SIEM, SOAR)
• High level of English, written and spoken
• Hands-on experience with securing large organizational networks, including security controls, OS hardening, network devices’ security etc.
• CISO\CISSP certification