As the CISO, you will be responsible for establishing and maintaining the Information Security Management System (ISMS) and the agreed level of information security within the organization. This includes ensuring that adequate control is exercised over the information security processes and organization, providing support on all matters related to information security to all business units and third parties, and analyzing newly identified threats and risks and alerting senior management to them.
- Enterprise Security Ownership: Day-to-day design, direction, implementation, and management of the enterprise security strategy and program of the organization.
- Lead the security strategy of the company in order to meet business objectives.
- Policy ownership and awareness: Definition, creation, amendment, and communication of all security policies, standards, procedures, and security controls to all relevant parties, including design and implementation of awareness programs, and assurance of enforcement and compliance.
- Stakeholder Management: Act as the liaison between Information Security and other organizational business functions, including IT, Finance, Human Resources, Legal, Operations.
- Programs and Audits: Responsible for maintaining the compliance programs. Liaison with and management of the external audit activities for certifications.
- Incident Management: Monitoring and assessing incidents and actively participating in any security incident responses, including impact analysis and recommendations for avoiding similar vulnerabilities whilst keeping responsible stakeholders informed.
- Develop and maintain the GDPR and other privacy regulations compliance program.
- 3rd party security assessment.
- Advise on and review security issues during the B2B sales process.
- Extensive experience in the Information Security field on a global level (10+ years).
- In-depth technical understanding of application, network, operating system, database and infrastructure security concepts and tools.
- Strong management and influencing skills.
- Communicating with B2B clients and internal stakeholders while leading the security due diligence process.
- Previous project management experience implementing IS projects.
- Fluent English, both written and verbal.
- Prior experience in implementing and maintaining compliance programs (ISO27001, GDPR, PCI, etc.).
- CISSP/CISM a plus.
- Security experience in a global B2B enterprise is an advantage.