Job Description

About Us: Invimatic is committed to delivering high-quality services while ensuring the security and privacy of our clients and their customers data. We are looking for a strategic and experienced Information Security Officer to lead our information security initiatives and drive SOC 2 compliance across the organization. Job Summary: The Chief Information Security Officer (CISO) will be responsible for developing, implementing, and managing a comprehensive information security program that ensures the Security, confidentiality, integrity, privacy and availability of our customers data. The CISO will play a critical role in guiding the organization through the SOC 2 compliance process, ensuring that all necessary controls are established and maintained to meet SOC 2 standards. Key Responsibilities: Strategy Development: Develop and implement an information security strategy aligned with the company s goals and objectives. Establish a road-map for achieving SOC 2 compliance and continually assess compliance against SOC 2 criteria. Policy and Procedure Creation: Create and enforce information security policies, procedures, and standards to ensure compliance with SOC 2 requirements. Ensure the policies are regularly updated and communicated to all employees. Risk Management: Identify, assess, and mitigate information security risks related to company operations and data management. Conduct regular risk assessments and audits to evaluate the effectiveness of security controls. Team Leadership: Lead the information security team, fostering a culture of security awareness and compliance throughout the organization. Provide guidance and mentorship to team members in implementing security best practices. Stakeholder Collaboration: Work closely with executive leadership, IT, legal, and compliance teams to ensure alignment on security initiatives and SOC 2 compliance efforts. Serve as the primary point of contact for internal and external stakeholders regarding security and compliance matters. Training and Awareness: Develop and implement a security training and awareness program for all employees to promote a culture of security. Incident Response and Management: Oversee the incident response plan and ensure timely and effective responses to security incidents. Lead post-incident analysis to identify areas for improvement and prevent future occurrences. Continuous Improvement: Stay informed about industry trends, threats, and regulatory changes that may impact information security and compliance. Continuously evaluate and improve the organization s information security posture and compliance with SOC 2 standards. Qualifications: Bachelor s degree in Information Security, Computer Science, or a related field; Master s degree preferred. Minimum of 6-10 years of experience in information security, with a focus on compliance (SOC 2 preferred). Proven experience in implementing and managing security frameworks and compliance programs. Strong understanding of SOC 2 requirements and best practices. Relevant certifications such as CISM, CISSP, or CISA are highly desirable. Excellent leadership, communication, and interpersonal skills.