CISO Professional

Confidential • Hyderabad / Secunderabad, Telangana
5 days ago
Job description
  • We are seeking a skilled and experienced professional to join our dynamic team as the Chief Information Security Officer (CISO).
  • As a mid-sized software company, we are looking for a candidate who can lead our information security efforts with a focus on safeguarding our digital assets, ensuring compliance with relevant regulations, and implementing robust cybersecurity measures.
  • This position is intended for a mid-level candidate with a focus on practical implementation and management of cybersecurity measures.
  • The role is designed for a hands-on leader who can effectively navigate the unique challenges of a mid-sized software company.
  • Conduct periodic assessments to evaluate and enhance the effectiveness of the Information Security Management System (ISMS).
  • Ensure compliance with legal and regulatory requirements pertaining to Information Security (IS) through thorough evaluations.
  • Assess adherence to organizational Information Security (IS) policies, procedures, standards, guidelines, and directives, providing guidance to the Executive Leadership Team (ELT).
  • Conduct Information Security (IS) audits at least annually or following significant changes in IT systems / infrastructure.
  • Generate comprehensive IS audit reports inclusive of recommendations to enhance Information Security (IS).
  • Seek senior management approval for IS audit reports before dissemination.
  • Periodically share approved audit reports with the Executive Leadership Team (ELT).
  • Lead customer-facing reviews and audits.

Desired Skills: Strategic Planning

    • Secure endorsement and guidance from top management to facilitate the implementation of Information Security (IS) measures within the organization.
    • Identify IS goals and objectives aligned with organizational business needs and objectives.
    • Clearly define the scope and boundaries of the Information Security (IS) program.
    • Comprehend and adhere to legal and regulatory requirements related to Information Security.
    • Develop comprehensive IS implementation strategies.
    • Strategize and establish an organization-wide Information Security Management System (ISMS) in accordance with the ISO/IEC 27001 standard, directives, and other pertinent security standards.
    • Establish a risk management framework to guide IS initiatives.
    • Define key performance indicators and metrics for measuring the effectiveness of Information Security (IS).
    • Obtain top management approval for the Information Security (IS) plan, budget, and resource allocation.

Policy Planning

    • Identify Information Security (IS) policies, standards, procedures, guidelines, and processes.
    • Establish a formalized process for creating, documenting, reviewing, updating, and implementing security policies.
    • Clearly define the Information Security (IS) policy.
    • Establish a policy for the classification of information and information assets.
    • Take the lead in coordinating the development of organization-specific information security policies, procedures, guidelines, and processes in consultation with various stakeholders, including ELT.
    • Obtain approval for Information Security (IS) policies, procedures, guidelines, and processes.

Information Security Management Responsibilities:

    • Develop, maintain, and enhance organization-wide IS and risk management plans.
    • Disseminate and enforce IS policies, procedures, and guidelines.
    • Integrate IS procedures with business processes and IT planning.
    • Periodically evaluate and enhance the effectiveness of IS measures.
    • Issue alerts, conduct risk assessments, and monitor security incidents.
    • Manage records of IS incidents, take remedial actions, and report to ELT.
    • Ensure compliance with legal and regulatory requirements for IS.
    • Raise and maintain information security awareness.
    • Evaluate and upgrade training and awareness programs.
    • Lead the implementation of Business Continuity Plan (BCP) and conduct mock drills.
    • Define and implement change management plans for IS systems and ISMS.
    • Ensure compliance with IS by contractors / suppliers.
    • Ensure that all storage media, when no longer required, are disposed of securely and safely as per laid-down procedures.
    • Ensure safety and security of portable computing devices / storage media when they are taken outside of the organization.
    • Ensure all information systems within the organization are adequately patched and updated.

Desired Qualifications:

    • Bachelor's degree in Computer Science, Information Technology, or a related field.
    • 10 years of experience in a senior cybersecurity role.
    • Relevant industry certifications such as CISSP, CISM, or similar preferred.
    • Strong understanding of software development security practices.
    • Excellent communication and leadership skills.

Skills Required

    ISMS, Risk Management, Compliance, ISO 27001, Information Security, CISSP
