Chief Information Security Officer

Job Title: Chief Information Security Officer (CISO)
Experience: 8 to 15 years
Location: Bangalore, India
Notice Period: Immediate to 15 Days Only

We are seeking an experienced and strategic Chief Information Security Officer (CISO) to join our organization and lead the enterprise-wide information security strategy. As a key member of the leadership team, the CISO will be responsible for developing, implementing, and maintaining a robust cybersecurity framework that aligns with business objectives while safeguarding critical data assets and technology infrastructure. The ideal candidate will have deep technical expertise, exceptional leadership capabilities, and a proven track record in managing enterprise-level security programs.

• Security Strategy Development:
  Design and implement a comprehensive information security strategy that protects the organization's digital assets, including networks, systems, and data, from both internal and external threats.

• Policy and Procedure Implementation:
  Develop, update, and enforce information security policies, procedures, standards, and guidelines to ensure consistent application of security controls across the organization.

• Risk Management:
  Continuously monitor, evaluate, and address cybersecurity risks through regular risk assessments, threat modeling, and vulnerability analysis. Ensure timely mitigation of identified risks.

• Regulatory Compliance:
  Ensure the organization adheres to key regulatory and industry compliance standards, including but not limited to ISO 27001, NIST, GDPR, and TISAX. Lead internal and external audits, and maintain proper documentation to demonstrate compliance.

• Security Awareness and Training:
  Drive a culture of security awareness by developing and conducting training programs, workshops, and campaigns for employees at all levels.

• Incident Response and Recovery:
  Lead the development and testing of incident response plans and disaster recovery procedures. Coordinate effective response to security incidents, minimizing business impact and facilitating root cause analysis and lessons learned.

• Security Assessments:
  Oversee regular penetration testing, vulnerability scanning, and third-party security assessments. Ensure remediation of identified issues and continuous improvement of defenses.

• Cross-Functional Collaboration:
  Work closely with IT, DevOps, legal, HR, and other business units to embed security controls into business operations and technology projects. Guide product and infrastructure teams in secure development and architecture practices.

• Executive Reporting:
  Report on the status of the information security posture to executive leadership and the board of directors. Provide insights on emerging threats, security investments, and performance metrics.

• Experience:
  8 to 15 years of experience in information security, with at least 5 years in a leadership or senior management role, preferably as a CISO or similar.

• Technical Proficiency:
  Strong knowledge of cybersecurity principles, technologies, and frameworks, such as ISO 27001, NIST CSF, COBIT, and CIS Controls. Experience with security operations, network security, application security, and data protection.

• Risk & Compliance Expertise:
  In-depth understanding of enterprise risk management, regulatory compliance (e.g., GDPR, HIPAA, TISAX), and industry-specific cybersecurity standards.

• Certifications (Preferred):
  Professional certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CEH (Certified Ethical Hacker), or equivalent are highly desirable.

• Leadership & Communication:
  Strong leadership qualities with the ability to influence and guide cross-functional teams. Excellent verbal and written communication skills, capable of presenting complex security topics to non-technical audiences, including senior management.

• Business Acumen:
  Ability to align security strategy with business goals and effectively manage budgets, vendors, and security investments.

This is a high-impact role offering the opportunity to shape and lead the security vision of a forward-thinking organization. You will be empowered to build a secure environment that fosters innovation while ensuring our digital and customer assets remain protected. If you're a proactive leader passionate about cybersecurity and ready to make a difference, we encourage you to apply.