Chief Information Security Officer

At Kshema, we are re -imagining agricultural insurance by harnessing the power of public cloud, GIS, remote sensing, and cutting -edge AI algorithms to assess, model, and price insurance risks for farmers accurately. We leverage the latest advancements in mobile, geospatial technologies, and web platforms to empower the next generation of agricultural insurance.The Chief Information Security Officer (CISO) will be responsible for driving the organization's cybersecurity strategy and ensuring compliance with all relevant regulatory and statutory requirements. This role involves enforcing policies to protect the organization's information assets and coordinating cybersecurity -related matters internally and with external agencies. Roles and ResponsibilitiesDefine the organization's information security roadmap with a forward -looking vision.Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program.Lead the implementation and review of hardware, network, and software security standards and controls to protect systems, data, and assets from internal and external threats.Identify and implement security assessment and testing processes, including penetration testing, secure software development, and vulnerability management.Evaluate and deploy best -in -class security products and tools.Proactively monitor and identify security issues, potential threats, and emerging vulnerabilities, continuously improving security standards.Conduct information security awareness training and orientation for all employees.Lead security assessment practices, including audits and reviews.Provide strategic risk guidance for IT projects, including assessments of implementation architecture, technical standards, and protocols.Perform real -time analysis, investigations, and forensics when necessary, and strengthen security measures accordingly.Develop strategies to handle security incidents and initiate investigations, ensuring regular stakeholder communication on security practices.Create and implement strategies for deploying security technologies to minimize cyber -attack risks.Continuously assess current IT security practices and systems, identifying areas for improvement.Ensure compliance with the latest regulations and requirements.Develop and implement business continuity plans. Requirements Desired Skills and ExperienceEngineering graduate or postgraduate in computer science, IT, electronics and communications, or a cybersecurity -related field.Minimum of 15 years of experience in risk management, information security, or cybersecurity.Strong knowledge of information security management frameworks such as ISO/IEC 27001 and NIST.Good understanding of DevSecOps, secure SDLC, security automation, security testing, disaster recovery, and business continuity planning.Experience in financial forecasting and budget management.Familiarity with industry security standards, protocols, and data privacy regulations relevant to the organization.Ability to manage ambiguity and solve complex problems.Experience with contract and vendor negotiations, including managed services.Specific experience in agile (scaled) software development or other best -in -class development practices.Ability to collaborate with cross -functional teams and lead by example.Certifications such as CISSP, CEH, CISA, and CISM are highly desirable.Proven experience in designing, implementing, and operating security in one or more public clouds (AWS, Azure, Oracle, GCP).Excellent written and verbal communication skills, along with a high level of personal integrity.Strong presentation skills.Prior experience in payments, banking, or fin -tech domains is essential.