CISO

Required Chief Information Security Officer (CISO)
As the Chief Information Security Officer (CISO), you will be responsible for protecting the companys digital infrastructure, data, and internal systems from cyber threats. You will develop and implement security strategies to ensure compliance, safeguard intellectual property, and mitigate cybersecurity risks. This role requires expertise in cloud security, real-time threat detection, and regulatory compliance to support a seamless and secure operational environment.
Key Responsibilities:
Security & Risk Management
Develop and oversee security frameworks for enterprise infrastructure, including cloud environments and critical systems.
Monitor real-time traffic and system logs to detect anomalies and mitigate security risks.
Lead risk assessment initiatives to identify vulnerabilities and implement mitigation strategies.
Data Protection & Compliance
Ensure compliance with global data protection laws (e.g., GDPR, CCPA) and industry regulations.
Lead security and privacy initiatives to protect user accounts, payment information, and sensitive data.
Oversee identity and access management (IAM) solutions to prevent unauthorized access to critical systems and applications.
Application Security & Secure Development
Implement and enforce application security best practices, focusing on OWASP Top 10 vulnerabilities and secure coding.
Ensure secure mobile application development by integrating security controls into mobile app lifecycles.
Oversee Web Application Firewall (WAF) solutions to protect against web-based threats.
Work with engineering teams to implement DevSecOps and security automation across development pipelines.
Oversee penetration testing, bug bounty programs, and vulnerability management for applications and APIs.
Cyber Threat Intelligence & Incident Response
Establish and manage security operations (SOC), SIEM, and threat detection for real-time response to cyber threats.
Lead forensic investigations and incident response for cyberattacks affecting enterprise infrastructure.
Stay ahead of emerging threats, including hacking techniques, ransomware, and credential stuffing attacks.
Security Awareness & Collaboration
Educate employees and stakeholders on cybersecurity best practices.
Work closely with legal, compliance, and risk teams to align security policies with business goals.
Manage relationships with third-party security vendors and technology partners.
Policies & Compliance
Develop & Maintain Security Policies Create and enforce cybersecurity policies aligned with ISO 27001, NIST, GDPR, and industry standards.
Ensure Regulatory Compliance Oversee adherence to compliance frameworks (SOC 2, PCI-DSS, ISO27001, and ISO27701) and conduct security audits.
Risk & Incident Management Implement risk assessment strategies and incident response plans to mitigate security threats.
Governance & Reporting Provide security insights to leadership, track KPIs, and ensure business alignment with security objectives.