Job
Description
Chief Information and Security Officer (CISO) Position Title : Chief Information and Security Officer (CISO) Reports To : Chief Operating Officer (COO) Location : Pune, Maharashtra, India Employment Type : Full-Time Department : Information Security/Technology About the Company ARA's Client KPO Analytics (pseudonym) is a leading KPO company which works in the domain of investment research, market research, ESG consulting and Data analytics. They are headquartered in Pune India with additional delivery centres in Hyderabad and Bangalore in India and business presence in US, UK, Middle-east & Europe. They work with around 100+ clients from different industries from across the world many of which are Fortune 500 companies. Role Overview: ARA's Client is seeking a highly-skilled Chief Information and Security Officer (CISO) to drive our enterprise-wide security strategy, technology operations, and program oversight. As CISO, you will be responsible for identifying, developing, implementing, and maintaining processes across the organization to reduce information and technology risks. You will also be required to respond to incidents, establish appropriate standards and controls, manage security technologies, direct the establishment and implementation of policies and procedures, and oversee core technology operations to ensure business continuity and system resilience. Key Responsibilities: Strategic Leadership Develop, implement, and maintain a comprehensive information security strategy aligned with SG Analytics' business objectives. Advise senior management on potential security risks and implications of major business decisions. Oversee the creation and maintenance of policies, standards, guidelines, and procedures to ensure ongoing maintenance of information security across the organization. Serve as the primary contact for all information security matters and maintain a robust awareness of emerging cyber threats, technologies, and best practices in security. Risk Management and Compliance Identify, assess, and manage risks to the organization's information assets through continuous risk assessments and security audits. Ensure compliance with industry regulations, standards, and guidelines (e.g., GDPR, ISO 27001, NIST, HIPAA, PCI-DSS), including both domestic and international requirements. Implement and maintain effective incident response and recovery processes, including the development of disaster recovery and business continuity plans. Ensure third-party vendors adhere to the organization's security policies and standards by conducting thorough security reviews and risk assessments. Security Operations Management Lead the development and operation of security monitoring, detection, and response systems. Supervise the security operations center (SOC), ensuring timely detection, response, and investigation of security incidents. Implement robust vulnerability management and threat intelligence programs to mitigate potential cyber risks. Oversee the management and mitigation of incidents such as data breaches, malware infections, and denial-of-service attacks, ensuring swift remediation efforts and lessons learned. Technology Operations Management Lead the planning, execution, and support of IT infrastructure operations, ensuring high availability, scalability, and reliability of business systems. Manage IT service delivery, incident resolution, change management, and continuous process improvements. Ensure technology operations align with security, compliance, and business continuity goals. Foster collaboration across departments to ensure technology services support overall business objectives. Drive vendor management and cost-effective use of infrastructure and cloud resources. Team Development and Collaboration Develop and manage a team to implement the strategy for enterprise security. Foster a culture of security awareness and continuous improvement across the organization. Collaborate with technology and business groups to assess, implement, and monitor IT-related security risks/hazards. Qualifications: Bachelor's degree in information security, Computer Science, or a related field; Master's degree preferred. Minimum of 18 years of experience in information security and technology operations, with at least 5 years in a leadership role. Strong knowledge of information security frameworks, standards, and regulations. Proven track record of developing and implementing successful information security and IT operations strategies. Excellent leadership, communication, and interpersonal skills. Relevant certifications (e.g., CISSP, CISM, CISA) are highly desirable. Show more Show less
