Chief Information Security Officer (CISO)

The CISO is responsible for overseeing the overall information security strategy of the organization, including risk management, cybersecurity policies, and defense strategies against cyber threats. This role involves ensuring the protection of IT infrastructure, edge devices, networks, and data. The CISO works closely with other senior management to align security with business objectives.Key Responsibilities:Leadership and StrategyDevelop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program.Work with the executive management team to define the security and risk management needs of the organization.Establish and maintain the enterprise vision and strategy to ensure the company's information assets are protected.Policy DevelopmentCreate and manage information security and risk management policies and procedures.Regularly update the cybersecurity policy to include protection against current and emerging threats.Risk ManagementIdentify, evaluate, and report on information security risks in a manner that meets compliance and regulatory requirements.Ensure that disaster recovery and business continuity plans are in place and tested regularly.Incident ManagementLead strategic response to information security incidents and provide post-event analyses.Establish and oversee formal risk analysis and self-assessments program for various information services systems and processes.Compliance and AuditingEnsure that compliance is maintained against both internal security policies and applicable laws and regulations.Coordinate with auditors regarding both internal and external audits.Team ManagementBuild and lead a team of information security professionals.Develop and enhance an information security management framework.Training and AwarenessPromote information security awareness among employees across the organization.Develop and deliver education and training programs on information and data security and privacy to enhance control consciousness within the enterprise.Vendor ManagementNegotiate contracts with vendors and service providers for installing security products and services.Oversee the relationships with vendors to ensure compliance with agreements and manage risks effectively.Budget ManagementDevelop and manage the budget for information security functions.Monitor and report on spending against the budget.Key Skills and Qualifications:Proven experience as a CISO or similar role in information security management and cybersecurity.Strong understanding of the cybersecurity risks associated with various technologies and ways to manage them.A high level of analytical and problem-solving abilities.Excellent interpersonal and leadership skills.Relevant certifications such as CISSP, CISM, or CISA.Knowledge of common information security management frameworks such as ISO/IEC 27001 and ITIL.Reporting Structure:Direct reporting to the CEO This role is critical for safeguarding the technological infrastructure of the company from potential threats and ensuring the confidentiality, integrity, and availability of data. PRB