Our client is seeking for an experienced Chief Information Security Officer (CISO) to be responsible for the overall security strategy, policies, and programs of the organization. The CISO plays a crucial role in protecting the company's sensitive data, information systems, and technology infrastructure from cyber threats, ensuring compliance with relevant regulations, and managing the incident response process in case of security breaches
Key Responsibilities:
Security Strategy and Leadership:
- Develop and communicate the organization's cybersecurity vision and strategy.
- Provide leadership and guidance to the security team and other relevant departments.
- Stay updated on emerging threats and technologies to inform security decisions.
Risk Management:
- Identify and assess security risks, vulnerabilities, and potential impacts on the organization.
- Develop and implement risk mitigation strategies and controls.
- Establish a risk-aware culture throughout the organization.
Security Policies and Procedures:
- Develop and maintain security policies, standards, and procedures.
- Ensure that employees are aware of and comply with security policies and guidelines.
- Conduct regular security awareness training and education programs.
Security Architecture and Technology:
- Oversee the design and implementation of security architecture and technologies.
- Evaluate and select security tools and solutions to protect the organization's assets.
- Monitor the effectiveness of security technologies and make necessary adjustments.
Compliance and Legal Requirements:
- Ensure the organization complies with relevant data protection laws and regulations.
- Work with legal and compliance teams to address cybersecurity compliance issues.
- Manage relationships with external auditors and regulatory bodies.
Reporting and Communication:
- Provide regular reports and updates on the state of cybersecurity to executive management and the board of directors.
- Communicate security incidents and their impact to relevant stakeholders.
Qualifications:
- Bachelor's degree in a related field (Information Security, Computer Science, etc.). A master's degree is often preferred.
- Extensive experience in information security, with a minimum of 10 years in progressively responsible roles.
- Relevant industry certifications such as CISSP, CISM, or CISA are highly desirable.
- Strong understanding of cybersecurity principles, technologies, and best practices.
- Excellent communication and leadership skills.
- Ability to work collaboratively and build cross-functional relationships.
- Knowledge of applicable laws and regulations related to data protection and privacy.
MORGAN MCKINLEY
EA Licence No: 11C5502
Registration No: R1106192
