CISO | Director CyberSecurity

Requirements:

• At least five years of experience being responsible for reviewing and recommending security business solutions.
• Highly experienced in a cloud-oriented product-led company.
• Certifications in one or more of the following areas are required: CISO, CISM, GISO
• Demonstrated knowledge of recognized security industry standards and leading practices (e.g., SOX, ISO27001/2/3, ISO 27018, GDPR, PCI, OWASP, NIST, DISA, CIS, etc).
• Broad knowledge of cybersecurity technologies, solutions, and tools (e.g., encryption technologies, SIEM, DLP, etc.).
• Strong knowledge of cloud technologies, platforms, and services.
• Broad knowledge of operational and security processes/controls (e.g., vulnerability management, patch management, configuration management, access management, etc.).
• Exceptionally self-motivated, directed, detail-oriented with a strong sense of ownership.
• Ability to work very independently in a highly complex and dynamic environment.
• Must be able to learn, understand, and apply new technologies.
• Strong analytical and problem-solving abilities.
• Excellent written and verbal communication skills.
• Managerial experience.
  
  

• Lead the Cybersecurity team.
• Develop, Update, and Maintain a Cybersecurity strategy.
• Manage a risk-based cybersecurity program to continually secure corporate IP, technology, information, computer systems, networks, and data.
• Provide guidance of proposed cybersecurity best practices to the different business functions.
• Develop a comprehensive CyberSecurity Guidance, Processes and Procedures based on industry standards.
• Lead the cybersecurity steering committee and updated management and audit committee on cybersecurity progress, roadmap, and risks.
• Participate in the planning and design of the security architecture
• Remain informed on trends and issues in the security industry, including current and emerging technologies and regulatory and compliance issues. Advise, counsel, and educate executive and management teams on their relative importance.
• Assist in the evaluation and development of security capabilities, policies, and practices.
• Participate in the incident response process as necessary including investigating suspicious behavior.