Job Description:
We are looking for CISO to join our team and will own all aspects of Information Security, Company compliance with standards, manage providers security including cloud providers. In this position you will Reported to CDO, Working with DPO, R&D, DevOps and company executives.
Responsibilities:
• Develop, implement and monitor a comprehensive company information security risk management program to ensure that the integrity, confidentiality and availability of information are owned, controlled, or processed by the organization.
• Develop, maintain and publish up-to-date information security policies, standards and guidelines. Oversee the approval, training, and dissemination of security policies and practices.
• Provide regular reporting on the current status of the information security program to the Chief Data Officer.
• Liaise with the R&D team and DevOps team to ensure alignment between the security, system architecture, and actual implementation.
• Collaborate with the commercial teams and assist the sales organization communicating our security practices as part of RFPs and sales processes
• Establishing, maintaining and overseeing the company’s vision and strategy and lead the program to ensure the company has the right tools and controls in place to protect its business operations, data, tools and network against a dynamic threat landscape as well as ensuring regulatory and compliance requirements are satisfied.
• Help our developers, establish best practices and ensure secure coding.
• Ensure regulatory and compliance requirements are satisfied.
• Establish, maintain and oversee the information security strategy and Roadmap.
Skills & Qualifications:
• 5+ years of experience as a Information Security manager or CISO, preferably in a SaaS company.
• Extensive knowledge of network and cloud infrastructure security and best practices.
• Security governance, risk, and compliance management experience.
• Prior experience and deep knowledge in implementing and maintaining ISO27001, SOC2.
• Strong knowledge of current and emerging cyber security risks (primarily on web and cloud), and modern risk management methods and solutions.
• Ability to influence others and work at all levels and departments across the organizational and with external vendors and partners.
• In depth knowledge of Security standards (ISO27001) and Privacy regulations (GDPR, CCPA, ISO27701).
• Fluent English both written and verbal.
• Experience with the Microsoft Azure ecosystem.
• Experience with large scale systems.
• Cybersecurity certification (e.g., CISSP, GSEC, CCISO).