Risk Management/Information Security/IT Security - CISO

Responsibilities:

- Develop, implement & monitor a strategic and comprehensive enterprise information security program to ensure that the integrity, confidentiality and availability of information is owned, controlled and processed by the organization.

- Develop, maintain and publish up-to-date information security policies, standards and guidelines. Oversee the approval, training, and dissemination of security policies and practices.

- Provide regular reporting on the current status of the information security program to enterprise risk teams and senior business leaders

- Create a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection.

- Ensure that security programs are in compliance with contractual requirements, relevant laws, regulations and policies.

- Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation.

- Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.

- Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security.

Requirements and Qualifications:

- Minimum 10 years of experience in a combination of risk management, information security and IT security.

- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non technical audiences.

- Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment.

- Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is desired.

- Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT and ones from NIST.

- High degree of initiative, dependability and ability to work with little supervision.

Age limit not more than 40 years