Chief Information Security Officer

Role Overview: As the Chief Information Security Officer (CISO), you are responsible for defining and maintaining the organization's vision, strategy, and programs to ensure the protection of information assets and technologies. Your role involves overseeing the implementation of information security policies, risk management strategies, and compliance with regulatory standards to safeguard the organization's data, systems, and operations against cyber threats. Key Responsibilities: - Strategic Planning: - Develop, implement, and monitor a comprehensive enterprise-wide information security and IT risk management program. - Seek top management support for implementing information security measures. - Identify and set information security goals aligned with business needs. - Define the scope of the organization's information security program. - Stay updated on legal, regulatory, and industry-specific requirements for compliance. - Establish an organization-wide Information Security Management System (ISMS) in compliance with ISO/IEC 27001 standards. - Identify, assess, and mitigate information security risks based on business priorities. - Develop business continuity, disaster recovery, and incident response plans. - Drive awareness and training programs to promote a security culture within the organization. - General Planning: - Establish organization-specific information security policies, standards, procedures, guidelines, and processes. - Implement a formal process for creating, documenting, reviewing, updating, and implementing security policies. - Assess and revise security policies regularly to address evolving threats and compliance requirements. - Lead the development of tailored information security policies in collaboration with stakeholders. - Information Security Management: - Develop an organization-wide Information Security and Risk Management Plan. - Develop comprehensive Information Security Policies, Standards, and Guidelines. - Enforce approved security policies, guidelines, and frameworks. - Integrate security into business processes and IT system life cycles. - Perform risk assessments, monitor security incidents, and address breaches. - Raise awareness among stakeholders and ensure compliance by third-party service providers. - Provide reports on information security to senior management and the Board. Qualification Required: - A bachelor's or master's degree in a relevant field. - Minimum of 15-20 years of progressive experience in technology, information security, Data Privacy, Compliance, and Risk Management in leadership roles.,