Chief Information Security Officer

Job Opening: Chief Information Security Officer (CISO)

Location: Thane

Employment Type: Full-Time | Senior Leadership

Department: Security & Compliance

About Our Client

Our client is a global leader in AI/ML-powered Customer Engagement and Experience Platforms (CEE). They are dedicated to revolutionizing how B2C brands interact with their customers through state-of-the-art SaaS products that drive personalized engagement across the entire customer journey. Trusted by 5,000+ enterprise brands in 18 countries (including over 70% of India's unicorns), our client combines global influence with a local touch.

Engineering at Our Client

At our client, engineers directly shape engagement, conversions, revenue, and customer retention. The team thrives on solving complex challenges of scaling high-performance systems, leveraging cutting-edge technologies such as Kafka, Storm, RabbitMQ, Celery, RedisQ, GoLang, all deployed on AWS and GCP. Here, you're not just solving problems—you're setting industry benchmarks.

Culture & Recognition

Our client has been recognized as a Great Place to Work for three consecutive years. They foster a people-centric culture where collaboration, curiosity, and innovation are celebrated. Every employee's voice matters, making you feel like part of a family rather than just an employee.

Global Presence

• Headquarters: Mumbai
• Presence: 10 countries including the US and Germany
• Clients: 5,000+ enterprise brands worldwide

Why Join Our Client?

• Work on cutting-edge AI/ML-powered SaaS products
• Impact millions of end-users across industries
• Be part of a fast-paced, innovative, and collaborative team
• Growth-oriented environment with recognition and support

About the Role

We're looking for an experienced and visionary Chief Information Security Officer (CISO) to lead our company-wide information security strategy. As a key member of the senior leadership team, you'll be responsible for protecting our systems, data, and applications while aligning security initiatives with our business goals.

This role requires a strong leader with deep technical expertise, a strategic mindset, and a passion for building secure, scalable, and compliant environments—especially within fast-paced, SaaS or technology-driven companies.

Key Responsibilities

Strategic Leadership

• Define and drive the overall information security vision, strategy, and roadmap.
• Provide executive-level guidance on risk management, compliance, and emerging threats.
• Embed security best practices into business operations through cross-functional collaboration.

Risk & Security Program Management

• Develop and enforce comprehensive security policies, standards, and procedures.
• Lead enterprise-wide risk assessments, threat modeling, and vulnerability analysis.
• Monitor and respond to security threats, alerts, and reports in real time.

Incident Response & Recovery

• Lead the development and execution of incident response strategies and playbooks.
• Oversee security investigations and coordinate cross-functional remediation efforts.
• Act as point-of-contact for stakeholders and regulators during security events.

Compliance & Audit

• Ensure compliance with frameworks and regulations like ISO 27001, GDPR, SOC 2, etc.
• Support internal and external audits, and drive closure of any findings.
• Maintain comprehensive documentation of security policies and incident history.

Security Awareness & Culture

• Promote a culture of security through ongoing training and awareness programs.
• Collaborate with department leaders to ensure security is part of everyday practices.

Technical Leadership

• Oversee the implementation and management of tools like SIEM, IDS/IPS, firewalls, and encryption.
• Conduct regular penetration testing and vulnerability assessments.
• Stay ahead of industry trends and technologies to continually improve defenses.

Application Security Oversight

• Partner with engineering teams to integrate security into the SDLC.
• Lead secure code reviews, vulnerability assessments, and application threat modeling.
• Define and enforce secure coding standards; train teams on AppSec best practices.

What We're Looking For

Education & Certifications

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field.
• Advanced certifications preferred: CISSP, CISM, OSCP, CEH, or equivalent.

Experience

• 12+ years in information security, with leadership in enterprise environments.
• Strong background in SaaS or technology-led companies.
• Proven ability to align security programs with business strategy.

Skills & Competencies

• Deep knowledge of security frameworks (NIST, ISO 27001) and compliance standards (GDPR, SOC 2).
• Expertise in cloud security (AWS, GCP, or Azure).
• Strong communication and leadership skills to influence at all levels.
• Hands-on experience with security tools (SAST, DAST, SIEM, IDS/IPS, encryption).
• Analytical and data-driven approach to problem-solving.