Chief Information Security Officer

**Position Description**:
Interprets information security policies, standards, and other requirements related to internal information systems and coordinates the implementation of these and other information security requirements. The Information Security Specialist redesigns and reengineers internal information handling processes so that information is appropriately protected from a wide variety of problems including unauthorized disclosure, unauthorized use, inappropriate modification, premature deletion, and unavailability. The Information Security Specialist will provide highly specialized experience in one or more information, computer, or network security disciplines (e.g. penetration testing, accreditation, or risk assessment and mitigation); develop system security plans, certification and accreditation reviews; analyze and establish processes for comprehensive systems and data protection; assess and mitigate system security threats and risks; perform security audits, evaluation, risk assessments and make a strategic recommendations; and manages, supports, installs and maintains security tools and systems, and tracks security patches and incidents.

**Skills Preferred**:

- Advanced skills in timely communications and updates are provided for incident management and root-cause scenarios.
- Ability to work directly with data asset owners and business response plan owners during high-severity events of interest. Leads the effort on messaging and communication related to incident reporting for all audiences.
- Working with teams to provide recommendations to resolve and/or reduce the impact of incidents and to prevent future similar incidents.
- Develop and enrich restoration procedures to mitigate future outages and business disruptions. Experience providing written final incident reports to executive management that provide; Assessing the scope of incident damage and assisting in the determination of incident severity. Document activities such as investigation, discovery, and recovery during the incident. Experience with collaborating with departmental IT teams to identify the root cause of recurring incidents and create action plans to remediate and prevent recurring situations.
- Develop and implement an information security strategy and policies for the company
- Conduct regular security assessments and vulnerability testing to identify potential risks and threats
- Monitor and analyze security threats, and respond to security incidents promptly
- Ensure compliance with relevant data protection laws and regulations, such as GDPR and CCPA
- Manage and maintain security infrastructure, including firewalls, intrusion detection systems, and antivirus software
- Provide guidance and training to employees on information security best practices
- Conduct security awareness training for employees and stakeholders
- Manage security incidents, including containment, eradication, and recovery
- Collaborate with other teams to develop disaster recovery plans and business continuity strategies
- Develop and implement incident response and disaster recovery plans
- Perform risk assessments and make recommendations for mitigating risks
- Stay up to date with the latest trends and technologies in information security

**Experience Required**:

- Bachelor's degree in Computer Science, Information Technology, or a related field
- Professional certifications such as CISSP, CISM, or CISA
- At least 5 years of experience in information security, risk management, or a related field
- Experience managing and maintaining security infrastructure, including firewalls, intrusion detection systems, and antivirus software
- Strong knowledge of data protection laws and regulations, such as GDPR and CCPA
- Excellent analytical and problem-solving skills
- Ability to work under pressure and manage multiple priorities
- Strong communication and interpersonal skills
- Experience working with cloud-based infrastructure and services, such as AWS or Azure, is a plus

Overall, as the IT Admin CISO, you will play a critical role in ensuring the security of the company's digital assets and maintaining the trust of customers and stakeholders.

Pay: ₹546,512.00 - ₹1,000,000.00 per year

**Benefits**:

- Health insurance
- Paid sick time

Schedule:

- Day shift
- Monday to Friday

Ability to commute/relocate:

- Ahmedabad, Ahmedabad, Gujarat: Reliably commute or planning to relocate before starting work (required)

**Education**:

- Bachelor's (required)

**Experience**:

- 5 Years (required)

Work Location: In person
- Health insurance