Chief Information Security Officer - BFSI

Chief Information Security Officer (CISO)

Responsibilities-

Set up Information security

- Ensuring development, maintenance and communication of policies to direct security functions relative to information technology systems, networks, applications, and data communications that are consistent with applicable regulatory and compliance requirements.

- Assist in classification of asset and measure potential cost of risk and recommend appropriate security strategies.

- Conducting a continuous assessment of current IT security practices and systems and identifying areas for improvement

- Running security audits and risk assessments

- Delivering new security technology approaches and implementing next generation solutions

- Overseeing the management of the IT security department, giving leadership to the team and developing staff

- Ensuring Data privacy, security, compliance and governance is met

- Protecting the intellectual property of the organisation always

- Devising strategies and implementing IT solutions to minimise the risk of cyber-attacks

- Reporting to the board and being an active member of the senior management team

Ideal Candidate

- 13+ years of experience in IT security with CCISO certification.

- Implementation and certification experience in ISO 27001, BCP / DR, SOX / Service Organisation Controls (SOC), NIST, Privacy Regulations, SIEM, Security Operations Centre, application and infrastructure vulnerability testing, AWS Security

- Capable of empowering and leading an IT team to meet business and IT security goals

- Ability to adapt to a fast-moving IT landscape and keep pace with latest thinking and new security technologies

- Ability to recommend appropriate technical security solutions for advanced DLP, DRM, cloud, encryption, virtualization, privacy risks

- Ability to understand client security requirements and conceptualize/design security controls to ensure the cost of protection is commensurate with the value at risk

- Monitor security vulnerabilities, threats and events in network and host systems

- Developing and implementing business continuity plans to ensure service is continuous when a change programme is introduced or a security breach occurs or if the disaster recovery plan needs to be triggered

- Work with senior management to ensure IT security protection policies are being implemented, reviewed, maintained and governed effectively

- Sound knowledge of the requirement of Computer Applications and Network security technologies and principles