Chief IT

Reports To: Chief Operating Officer Location: Ahmedabad
Job Summary:
The Chief Information Security Officer (CISO) is responsible for establishing and maintaining the organization's information security strategy, ensuring that systems, networks, and data remain secure against cyber threats. The CISO leads the development and execution of policies, procedures, and protocols to safeguard digital assets and ensure compliance with relevant regulations and standards.
Key Responsibilities:
Information Security Strategy:
Develop and implement a comprehensive information security strategy aligned with business objectives.
Establish and maintain security standards, frameworks, and policies.
Risk Management:
Identify, assess, and manage information security risks.
Conduct regular risk assessments and audits to identify vulnerabilities and threats.
Ensure risk mitigation strategies are implemented effectively.
Compliance and Governance:
Ensure compliance with relevant legal, regulatory, and industry standards (e.g., GDPR, ISO 27001, CMMILevel-5/STQC/CERTIN/CCPA).
Oversee the organization’s security governance framework.
Incident Response and Recovery:
Develop and maintain incident response plans and disaster recovery strategies.
Lead efforts to address and mitigate security breaches or incidents.
Conduct post-incident analysis and reporting.
Technology and System Security:
Oversee the selection, configuration, and deployment of security tools and technologies.
Ensure proper encryption, firewall, and endpoint protection systems are in place.
Leadership and Collaboration:
Lead and manage the information security team.
Collaborate with IT, legal, compliance, and business units to embed security practices into operations.
Provide training and awareness programs for employees on cybersecurity best practices.
Continuous Improvement:
Monitor the cybersecurity landscape to identify new threats and vulnerabilities.
Recommend and implement improvements to strengthen the security posture.
Qualifications and Experience:
Bachelor’s or Master’s degree in Information Security, Computer Science, IT, or a related field.
10+ years of experience in information security, with at least 5 years in a leadership role.
Relevant certifications (e.g., CISSP, CISM, CISA, CEH).
Proven track record of developing and implementing security programs and risk management strategies.
Strong understanding of security frameworks, protocols, and technologies.
Skills and Competencies:
Excellent leadership and team management skills.
Strategic thinking and problem-solving capabilities.
Strong communication and interpersonal skills, with the ability to convey complex security concepts to non-technical stakeholders.
Hands-on experience with security technologies (e.g., SIEM, IDS/IPS, DLP).
Ability to work under pressure and respond to incidents in a timely manner.
Key Performance Indicators (KPIs):
Reduction in security incidents and breaches.
Compliance audit results.
Timeliness and effectiveness of incident response.
Employee security awareness program outcomes.
Alignment of security initiatives with business goals.
Apply with Updated resume to Email :
Will take up detailed discussion with you, if you have relevant required experience.
Contact Person : Ms. Pooja Raval & Ms..Riya Vaswani

---