Global CISO - Pune, India - Talent et au-dela

    Talent et au-dela
    Talent et au-dela Pune, India

    2 weeks ago

    Default job background
    Human Resources
    Description

    Global CISO

    Purpose of Role:

    • The information security team spread across the APAC and EMEA regions are responsible for maintaining, and supporting the cyber security, data protection and compliance function across both our group organisation and the services we provide to our customers. With the key objective of ensuring its stable operation, risk mitigation reputation protection and efficiency.
    • You will develop and maintain an information security budget. Research emerging security threats and vulnerabilities and advise management on appropriate countermeasures. Create and implement strategic plans to secure the company's and our customers ICT infrastructure, systems and data. Perform risk assessment and vulnerability analysis.
    • You will provide guidance on our cybersecurity program on a strategic level and ensure we remain compliant with cybersecurity and data privacy standards, policy, regulations, and legislation.
    • You will ensure that the objectives of our organisation's cybersecurity and data protection programs are in line with the goals of our group organisation.
    • You will be utilising your leadership experience and technical expertise to apply best information security practice in driving continuous improvement and innovation.
    • You will communicate with key stakeholders. In providing them with intelligence on key cybersecurity trends. For example, providing the board of directors or senior executives with information like; the security risk profile of our group organisation, any cybersecurity improvements in motion, notable cybersecurity incidents and the return on investment on past cybersecurity initiatives.
    • You will work closely with other teams across our clients group as well as our third parties, suppliers, and vendors to ensure that we meet our information security goals.

    Principal Responsibilities /Accountabilities:

    Operational :

    • Provide strategic leadership and direction in ensuring the security of the organisation across all business units and subsidiaries. Overseeing the Information Security and Cyber Security process for the group companies.
    • Assessing and identifying the potential cybersecurity risks that may impact the reputation, security, and financial prosperity of the group companies.
    • Championing Cybersecurity training and awareness throughout the group companies.
    • Manage incident response, to any security breach.
    • During a security incident, it is your responsibility to bring a level of clarity to the critical internal and external stakeholders. To be able to communicate information regarding incident response effectively to upper-level management.
    • Implement business continuity and disaster recovery plans
    • Ensure that consistent vendor management processes are in place to mitigate these information security risks by assessing supply chain cyber threats and provide stakeholders with an understanding of the information security impacts of entering into vendor relationships.
    • Manage the budget for our information security program efficiently and effectively.
    • Assessments of new security platforms/software.
    • Oversee compliance programs including SOC2, ISO27001 and GDPR
    • Keep up to date with information security industry trends and development.
    • Overseeing the Information Security and Cyber Security process for the group companies.
    • Build Business Partnerships to support sales, marketing, RFI/RFPs, customers, R&D, go-to market plans, Delivery Engineering, corporate functions.
    • Develop the Data Protection function and team.
    • Act as a focal point and escalation path for Data Protection.
    • Review strategy as laid out by the Data Protection Officer and help guide the implementation and governance programme.
    • Guide the development of a Privacy Information Management System.

    Leadership :

    • Focused Business Leader setting strategy aligned programmes.
    • Lead, motivate and develop the team.
    • Foster a culture of pride, teamwork and passion.
    • Provide communication on organisation's strategies to ensure team members contribute to those goals.
    • Setting standards and expectations of team member performance.
    • Conduct performance reviews and where necessary corrective action.
    • Determine staffing requirements and oversee department interview and hire process in conjunction with PX.
    • Oversee training and development plans are in place to support team members to achieve their full potential.

    Sales Support :

    • Lead the sales process and tender responses on Information Security, Security, ICT, and Data Protection functions.
    • Engage Customers and support Sales.

    Customer Focus:

    • Ensure clear communication with key internal and external stakeholders. In providing them with intelligence on key cybersecurity trends.
    • Foster relationships with internal stakeholders.
    • Contribute to cross-functional initiatives.
    • Communicate horizontally and vertically throughout the team and the organisation.
    • Work collaboratively with other teams within the Group organisation to maintain a shared, and cohesive Information Security, Cyber Security, Data Protection, and ICT direction.

    Financial Management:

    • Establish and manage the team specific budgets and ensure cost-effectiveness.
    • Manage the negotiation and acquisition of support contracts related to all three teams.
    • Review applicable billing and contractual documents.

    Person Specifications:

    Qualification / Experience / Knowledge:

    • Graduated with a BE / B.Tech degree from a prestigious university.
    • CISSP Certification is mandatory.
    • Solid track record of 18 – 22 years of experience within Information Technology sector
    • 5+ years of experience in a similar role.
    • Knowledge and hands-on experience with:
    • Cyber security and ITSM principles.
    • SOC, NIST and ISO27001 standards
    • Management of ICT infrastructure, networking, and the support thereof.
    • Risk Management practices.
    • Financial understanding and acumen.
    • Vendor management.
    • Cloud platforms (Azure and AWS).

    Personal Attributes :

    • Good communication, leadership, and interpersonal skills.
    • This role requires both of technical and soft skills, such as:
    • The ability to make quick decisions,
    • Build relationships, Strong analytical & debugging skills
    • Adapt to and maintain pace with the information security threat landscape and new technologies, in this ever-shifting cyber landscape.
    • Innovative in creating and delivering cyber security strategies for the organisation.
    • High levels of energy, motivation, sound judgement and determination to achieve with a sense of urgency.
    • Ability to make decisions independently.
    • A willingness to go the extra mile.

    #CISO #CISSP #ICT #CyberSecurity #ITSM #SOC #NIST #ISO27001 #CloudPlatform #Azure #AWS #GlobalCISO