Chief Information Security Officer - IT

Chief Information Security Officer (CISO)

A chief information security officer (CISO) will be responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets are adequately protected. The CISO is responsible to identify, manage and mitigate the risks presented by Information Security Threats. CISO will operate a portfolio of programs to achieve this end including Security Operations (identify and respond to Information Security threats), Cyber Assurance (identify Information Security risks, as well as operate the Compliance, Identity and Access Management Programs).The CISO serves as the process owner of all on going activities related to the confidentiality, integrity and availability of information and resources of customers, business partners, employees and business information, in compliance with the organization's information security policies.

Key Responsibilities

1. Help the organization track interesting trends on emerging technologies that are relevant to business and take advantage of such technology trends.

2. Use sophisticated means to track and deliver software on schedule by minimizing risk, tracking dependencies, proactive planning and efficient communication with the extended teams.

3. Develop and execute a Strategic Plan that incorporates the Information Security Roadmap, resource plan, policies, processes, procedures, standards as well as security awareness and training. Develop and manage information security budgets.

4. Manage a Cyber Assurance Practice that includes policies, processes, procedures and technology that addresses Critical Business Process Identification, Departmental Risk, Sensitive Information, Systems Security Planning, Systems Configuration Management, Vulnerability Management, Electronic Discovery, as well as Compliance Management.

5. Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls. Evaluate network threat analysis data and risk assessment results to identify and recommend appropriate security controls/solutions. Coordinate with departmental IT groups to ensure that Information Security principles are integrated into the environment as part of the fabric of the organization.

A chief information security officer (CISO) will be responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets are adequately protected. The CISO is responsible to identify, manage and mitigate the risks presented by Information Security Threats. CISO will operate a portfolio of programs to achieve this end including Security Operations (identify and respond to Information Security threats), Cyber Assurance (identify Information Security risks, as well as operate the Compliance, Identity and Access Management Programs).The CISO serves as the process owner of all on going activities related to the confidentiality, integrity and availability of information and resources of customers, business partners, employees and business information, in compliance with the organization's information security policies.

Key Responsibilities: 

1. Help the organization track interesting trends on emerging technologies that are relevant to business and take advantage of such technology trends.

2. Use sophisticated means to track and deliver software on schedule by minimizing risk, tracking dependencies, proactive planning and efficient communication with the extended teams.

3. Develop and execute a Strategic Plan that incorporates the Information Security Roadmap, resource plan, policies, processes, procedures, standards as well as security awareness and training. Develop and manage information security budgets.

4. Manage a Cyber Assurance Practice that includes policies, processes, procedures and technology that addresses Critical Business Process Identification, Departmental Risk, Sensitive Information, Systems Security Planning, Systems Configuration Management, Vulnerability Management, Electronic Discovery, as well as Compliance Management.

5. Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls. Evaluate network threat analysis data and risk assessment results to identify and recommend appropriate security controls/solutions. Coordinate with departmental IT groups to ensure that Information Security principles are integrated into the environment as part of the fabric of the organization.