Head - Chief Information Security Officer

Experience: 15+ years in information security, risk management, and cybersecurity

Job Overview:

The Head of CISO is responsible for developing and implementing the organization's information security strategy, ensuring data protection, compliance, and risk management. This role requires strong leadership, technical expertise, and regulatory knowledge to safeguard enterprise systems and data.

Key Responsibilities:

1. Security Strategy & Governance:

- Define and implement enterprise-wide information security strategy and policies.

- Establish security frameworks, ensuring alignment with business objectives.

- Oversee security governance, risk, and compliance (GRC) programs.

2. Cybersecurity & Risk Management:

- Identify, assess, and mitigate cybersecurity threats and vulnerabilities.

- Implement security controls to protect critical assets, applications, and data.

- Monitor emerging security threats and ensure proactive risk mitigation.

3. Compliance & Regulatory Requirements:

- Ensure compliance with industry regulations (ISO 27001, NIST, GDPR, PCI-DSS, etc.).

- Work with auditors, regulators, and stakeholders to ensure legal compliance.

- Drive security awareness programs across the organization.

4. Incident Response & Crisis Management:

- Develop and manage cybersecurity incident response plans.

- Lead investigations into security breaches and cyber incidents.

- Coordinate disaster recovery and business continuity planning.

5. Technology & Security Architecture:

- Oversee security architecture for cloud, network, application, and endpoint security.

- Evaluate and implement security tools such as SIEM, IAM, DLP, and endpoint protection.

- Work closely with IT and DevOps teams to integrate security best practices.

6. Leadership & Stakeholder Collaboration:

- Lead and mentor a team of cybersecurity professionals.

- Collaborate with executive leadership to align security strategies with business goals.

- Report security posture, risks, and recommendations to senior management and the board.

Key Qualifications & Skills:

- Bachelor's/Masters in Computer Science, Cybersecurity, or related field.

- 15+ years of experience in cybersecurity, risk management, and compliance.

- Strong knowledge of security frameworks (NIST, CIS, ISO 27001).

- Expertise in cloud security, network security, and data protection.

- Hands-on experience with security tools like SIEM, IAM, DLP, and SOC operations.

- Leadership experience in managing large security teams and projects.

Industry certifications such as CISSP, CISM, CISA, or CEH preferred.