Chief Information Security Officer (CISO)
This is a senior leadership role responsible for developing and overseeing our cybersecurity strategy, operational cyber risk, and resilience matters.
Key Responsibilities:
* Develop, implement, and oversee a strategic enterprise information security and IT risk management program.
* Work closely with senior executives to identify, mitigate, and manage IT risks.
* Provide guidance on security risks associated with new systems and business processes.
* Establish, implement, and enforce information security policies, standards, and procedures.
* Ensure compliance with industry best practices and international security standards (ISO, ITIL, DORA).
* Oversee incident response planning, security breach investigations, and related legal or disciplinary matters.
* Provide regular security reports and updates to senior business leaders and executive leadership.
* Stay up to date with changing cybersecurity regulations and ensure firm-wide compliance.
* Lead and manage the information security team, ensuring effective performance and professional development.
* Assess potential threats and vulnerabilities through continuous monitoring and assessment.
Qualifications & Experience:
* Bachelor's degree in Information Security, Computer Science, Information Technology, or a related field.
* Master's degree preferred.
* Professional security certifications such as CISSP, CISM, or equivalent required.
* Minimum 10 years' experience in risk management, information security, and IT roles.
* Familiarity with security management frameworks such as ISO, ITIL, COBIT, and NIST.
* Proven track record of developing security policies, implementing change programs, and achieving measurable security improvements.
Key Competencies:
* Strong knowledge of cybersecurity principles, trends, and best practices.
* Expertise in security frameworks and standards such as NIST, ISO 27001, and GDPR.
* Excellent communication skills, with the ability to convey security risks to both technical and non-technical audiences.
* Ability to remain calm and make effective decisions in high-pressure situations.
* Proven leadership and team management capabilities.
* Strategic thinker with strong problem-solving abilities.
* Strong analytical skills and high attention to detail.
* Ability to manage multiple security projects and programs simultaneously.