OfBusiness - Chief Information Security Officer

Chief Information Security Officer (CISO),

OXYZOs

Key Responsibilities

• Security Strategy & Governance :
• Develop and implement the organizations information security strategy aligned with business objectives.
• Establish governance frameworks, policies, and security standards across the enterprise.
• Report regularly to the CEO and Board on security posture, risks, and progress.
• Risk Management & Compliance :
• Build and oversee a comprehensive risk management program to identify, assess, and mitigate cyber risks.
• Ensure compliance with applicable regulatory, legal, and contractual requirements (ISO 27001, SOC2, GDPR, PCI DSS, etc.).
• Lead regular security audits and certification processes.
• Cybersecurity Operations & Incident Management :
• Oversee security operations including monitoring, detection, and response.
• Direct incident response processes to ensure timely containment, recovery, and root cause analysis.
• Ensure disaster recovery and business continuity plans are robust and tested.
• Technology & Emerging Threats :
• Evaluate and implement advanced security solutions, automation tools, and intelligence platforms.
• Anticipate and prepare for emerging cyber threats, zero-day vulnerabilities, and APTs.
• Drive secure architecture, DevSecOps adoption, and cloud security initiatives.
• Leadership & Culture :
• Build, mentor, and lead a high-performing security team (Red Team, Blue Team, GRC, SOC).
• Champion a security-first culture across the organization through training and awareness.
• Provide leadership guidance to business units on secure practices.
• External Stakeholder Engagement :
• Act as the executive face of security for regulators, auditors, customers, and partners.
• Ensure the organization maintains a strong reputation for security and compliance in the market.
• Collaborate with external security communities and industry bodies to stay ahead of best practices.