Chief Information Security Officer/Head - IT Security

Job Title: Chief Information Security Officer (CISO) - Head IT Security

Location: Chennai, India

Job Type: 6 Months Contract To Hire (Based on Performance)

Travel Requirement: Up to 30% (within India, as needed)

Job Overview:

We are seeking a highly experienced and visionary Chief Information Security Officer (CISO) to lead the organization's cybersecurity strategy, governance, and execution. The ideal candidate will be a proactive, results-oriented leader with a strong passion for cybersecurity. The CISO will play a critical role in driving security innovations, managing cybersecurity risks, ensuring regulatory compliance, and leading the development of next-generation cybersecurity services and partnerships. This role requires a blend of technical expertise, leadership skills, and strategic thinking to protect and enhance the organization's security posture.

Key Responsibilities

1. Cybersecurity Strategy & Innovation

- Develop and implement an enterprise-wide cybersecurity strategy aligned with business objectives.

- Drive innovation in cybersecurity solutions, intellectual property (IP), and service offerings to meet market and customer needs.

- Establish and maintain industry best practices for security solutions, documentation, and delivery.

- Stay updated on emerging security threats, trends, and regulations to enhance the organization's security framework.

2. Leadership & Governance

- Lead the Center of Excellence (CoE) in cybersecurity, ensuring best practices in security engineering and solutioning.

- Oversee governance, risk, and compliance (GRC) activities, ensuring adherence to regulatory requirements and security frameworks.

- Provide thought leadership through white papers, industry presentations, and knowledge-sharing initiatives.

- Develop strong relationships with executive leadership, business stakeholders, and regulatory bodies.

3. Identity & Access Management (IAM)

- Implement and manage Single Sign-On (SSO), Multi-Factor Authentication (MFA), Identity Governance and Administration (IGA), Privileged Access Management (PAM), and Customer Identity and Access Management (CIAM).

- Ensure security best practices and compliance in IAM implementations.

4. Application Security & Cloud Security

- Oversee vulnerability management, penetration testing, red teaming, static (SAST) and dynamic (DAST) application security testing.

- Ensure secure application development and secure DevOps practices.

- Manage Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWPP) across major cloud platforms (AWS, Azure, GCP).

5. Network, Endpoint & Infrastructure Security

- Design and implement security controls for firewalls, network detection and response (NDR), secure access service edge (SASE), endpoint detection and response (EDR), and extended detection and response (XDR).

- Establish robust infrastructure security frameworks to mitigate cyber threats.

6. Risk Management & Compliance

- Develop and enforce policies and frameworks for IT security risk management.

- Conduct security assessments, audits, and compliance checks in line with industry regulations (ISO 27001, GDPR, NIST, etc.).

- Establish third-party risk management programs for vendors and partners.

7. Client & Stakeholder Engagement

- Act as the key point of contact for security discussions with clients, partners, and industry leaders.

- Lead proposal development for cybersecurity solutions and respond to Requests for Proposals (RFPs).

- Collaborate with OEMs and technology partners to develop joint solutions and security innovations.

Qualifications & Experience

- Education: Bachelor's degree in Computer Science, Information Security, or a related field. A master's degree is a plus.

- Experience: 12-15 years of proven experience in cybersecurity, IT security controls, risk management, and compliance readiness.

- Certifications: Preferred certifications include CISSP, CEH, CCSP, GSEC, GIAC, CISM, CRISC, ISO 27001 Lead Auditor, or equivalent.

Technical Skills:

- Expertise in cybersecurity frameworks, risk management, and security architecture.

- Hands-on experience in security compliance (ISO, NIST, GDPR, etc.).

- Knowledge of security tools for IAM, application security, cloud security, and network security.

Leadership Skills:

- Strong ability to lead teams, drive security initiatives, and communicate effectively with stakeholders.

- Experience in managing cybersecurity partnerships and vendor engagements.

- Work Environment: Experience in Agile environments and the ability to work independently.

- Travel: Willingness to travel up to 30% within India as required.