Chief Information Security Officer

Role: Chief Information Security Officer (CISO)

Chief Information Security Officer (CISO)

OXYZOs

cybersecurity, risk management, governance, and compliance, ensuring the protection of

organizational data, systems, and infrastructure.

CEO and

work closely with the Board of Directors

risks and resilience. You will also represent the company to external stakeholders including

regulators, auditors, and customers, reinforcing trust and credibility in OXYZOs security

posture.

Key Responsibilities

1. Security Strategy & Governance

• Develop and implement the organizations information security strategy aligned with

business objectives.

• Establish governance frameworks, policies, and security standards across the

enterprise.

• Report regularly to the CEO and Board on security posture, risks, and progress.

2. Risk Management & Compliance

• Build and oversee a comprehensive risk management program to identify, assess, and

mitigate cyber risks.

• Ensure compliance with applicable regulatory, legal, and contractual requirements (ISO

27001, SOC2, GDPR, PCI DSS, etc.).

• Lead regular security audits and certification processes.

3. Cybersecurity Operations & Incident Management

• Oversee security operations including monitoring, detection, and response.
• Direct incident response processes to ensure timely containment, recovery, and root

cause analysis.

• Ensure disaster recovery and business continuity plans are robust and tested.

4. Technology & Emerging Threats

• Evaluate and implement advanced security solutions, automation tools, and intelligence

platforms.

• Anticipate and prepare for emerging cyber threats, zero-day vulnerabilities, and APTs.
• Drive secure architecture, DevSecOps adoption, and cloud security initiatives.

5. Leadership & Culture

• Build, mentor, and lead a high-performing security team (Red Team, Blue Team, GRC,

SOC).

• Champion a security-first culture across the organization through training and

awareness.

• Provide leadership guidance to business units on secure practices.

6. External Stakeholder Engagement

• Act as the executive face of security for regulators, auditors, customers, and partners.
• Ensure the organization maintains a strong reputation for security and compliance in the

market.

• Collaborate with external security communities and industry bodies to stay ahead of best

practices.

Requirements

• Expertise in enterprise cybersecurity, risk management, and compliance frameworks.
• Proven experience in Red/Blue team oversight, threat modeling, and secure

architecture.

• Strong ability to communicate risks and strategy at CEO/Board level.
• Excellent stakeholder management, external representation, and executive

communication skills.

Qualifications

• 10+ years of experience in Information Security, with at least 35 years in a leadership

role (CISO, Deputy CISO, Head of Security, or equivalent).

• Track record of designing and scaling enterprise-wide security programs.
• Deep knowledge of frameworks (NIST, ISO 27001, CIS, PCI DSS, GDPR, SOC2).
• Expertise in enterprise and cloud security, IAM, and automation.
• Industry-recognized certifications (CISSP, CISM, CISA, CCISO, or equivalent) preferred.