Job Overview:
* We are seeking a highly skilled professional to lead our information security efforts.
* This role requires a strong understanding of risk management and the ability to develop and implement effective security strategies.
Key Responsibilities:
* Develop and implement a comprehensive security strategy aligned to industry best practices.
* Maintain a thorough risk register, define risk appetite, and conduct regular risk assessments.
* Design and test incident response processes, including reporting in accordance with regulatory requirements.
* Establish business continuity and crisis management procedures for cyber resilience.
* Oversee third-party / vendor security risk assessments and ensure compliance with industry standards.
* Define secure architecture (cloud, IAM, encryption) and embed secure software development life cycle practices.
* Drive a company-wide security awareness program to promote a culture of security.
* Lead security governance: policies, metrics, and board reporting.
Requirements:
1. Proven track record of developing and implementing successful security strategies.
2. Strong understanding of risk management principles and practices.
3. Ability to maintain a risk register, define risk appetite, and conduct regular risk assessments.
4. Experience with incident response processes, including reporting.
5. Knowledge of business continuity and crisis management procedures for cyber resilience.
6. Expertise in third-party / vendor security risk assessments and industry standards.
7. Familiarity with secure architecture (cloud, IAM, encryption) and software development life cycle practices.
8. Ability to drive a company-wide security awareness program.
9. Strong leadership skills and experience with security governance.