Head of Information Security and Data Privacy

As the Head of Information Security and Data Privacy, your role will involve leading the information security initiatives at an enterprise level, focusing on application security, cloud security, certification compliance, and data privacy. Your key responsibilities will include: - Designing, implementing, and managing security measures for cloud-based infrastructure to ensure the confidentiality, integrity, and availability of data. - Conducting regular security assessments and audits of cloud environments to identify and remediate vulnerabilities. - Collaborating with cross-functional teams to integrate security best practices into cloud-based solutions. - Developing and implementing strategies for securing applications throughout the software development lifecycle (SDLC). - Conducting code reviews and providing guidance to development teams on secure coding practices. - Performing application security assessments, penetration testing, and vulnerability assessments. - Developing and implementing incident response plans for cloud environments and applications. - Monitoring and analyzing security logs to detect and respond to security incidents in a timely manner. - Ensuring compliance with industry standards and regulations related to cloud security and application security. - Working with internal and external auditors to demonstrate compliance with security policies and procedures. - Implementing and maintaining security automation tools and scripts to streamline security processes. - Identifying opportunities for automation to enhance the efficiency and effectiveness of security operations. - Leading and overseeing the implementation and maintenance of GDPR and CCPA compliance programs. - Conducting thorough assessments to ensure alignment with regulatory requirements and address any gaps. - Conducting Privacy Impact Assessments (PIAs) to identify and address potential privacy risks associated with data processing activities. - Providing recommendations for mitigating privacy risks and ensuring compliance with regulations. Qualifications and Work Experience: - 18+ years of experience in information security and data privacy. - Experience working with a global footprint. - Proven expertise in developing and implementing enterprise strategies and programs for managing information and technology risks. - Familiarity with common information security management frameworks, including ISO/IEC 27001 and NIST.,