CISO

DESCRIPTION

Chief Information Security Office

We are looking for CISO for a global organization that will own all aspects of Information Security, Company compliance with regulation and banking standards, manage and work with 3rd part vendors. In this position you will Reported to Head of Banking Service Bureau, and working with Infra and Application teams in Israel and offshore, customers, management, business units.

Responsibility for developing and implementing an information security program, which includes procedures and policies designed to protect enterprise communications, systems, and assets from both internal and external threats. Developing Cyber security program and resiliency plan.

The CISO will lead the team of 3 - GRC, Security Expert, and SOC manager (+ SOC Team)

Key Tasks and Responsibilities:

Manage End-to-End Security Services for the Banking Services Bureau.
Implement and review of Information security Policies and Procedures, such as: Information Security policy, Classification policy, Access control policy, Risk assessment and risk treatment methodology, Statement of Applicability etc.
Run vulnerability scans, PT’s, and Application Security Risk assessments
Oversee the development of new products and services to ensure that their design takes security into account from the beginning.
Determine types of training employees require to meet various security requirements.
Manage and mitigate vendor risks.
Develop and maintain BCP
Drive mitigation of risks; propose mitigating controls in accordance with sector risk appetite and the security policies and standards and drive implementation and use.
Ensure the infrastructure is secured properly and always maintained on security levels
Register, report, investigate and manage information security incidents.
Provide security trainings to stakeholders at different levels
Keep up with relevant international legislation, emerging threats, forecasts, policies, and benchmarks
Act as a subject matter expert on Information Security topics and provide relevant inputs to organizational stakeholders, as required.
Interact with customers’ CISO and manage ongoing mutual processes

REQUIREMENTS

Required Skills

Bachelor’s degree or equivalent combination of education and experience (e.g. in a technical area, business administration, industrial engineering) Information security risk management qualifications like CISA, CISM, CRISC, CISSP
Knowledge of and experience with security standards and frameworks, especially ISO27001/2, PCI-DSS, GPDR, SOC1/2, NIST
10 Years experience of the processes, application landscape and stakeholders within the Banking/ Financial sector
Strong analytical skills
Relationship builder; able to create and maintain a trusted network on all levels
Good communication, influencing and negotiating skills
Pro-active and self-motivated with the proven ability to drive results
Flexible, adapting to company culture and individual behaviour
Fluent in English (written and verbal).