Job Description

Information Security Leader : The Information Security Leader is responsible for overseeing an organization\'s information security strategy, policies, and programs. The primary objective is to ensure the confidentiality, integrity, and availability of the organization\'s information assets and technology infrastructure. The role involves a combination of technical expertise, strategic planning, risk management, and leadership skills. Having at least 10 years of experience in information Security leadership roles, and an overall over 18+ years of experience Key Responsibilities: 1. Information Security Strategy : Develop and execute a comprehensive information security strategy aligned with the organization\'s business objectives. This includes identifying security goals, priorities, and initiatives. 2. Risk Management : Identify, assess, and prioritize security risks and vulnerabilities that could impact the organization\'s critical assets. Develop risk mitigation strategies and collaborate with other departments to implement security controls. 3. Security Policies and Procedures : Establish and enforce information security policies, standards, guidelines, and procedures across the organization. Ensure that employees and contractors adhere to these policies to maintain a secure computing environment. 4. Security Architecture and Technology : Design, implement, and manage security architecture, technologies, and solutions to safeguard the organization\'s systems, networks, applications, and data. This includes firewalls, intrusion detection/prevention systems, encryption, authentication, and more. 5. Incident Response and Management : Develop and lead incident response plans to effectively handle security breaches, cyberattacks, and other security incidents. Coordinate with internal teams, external vendors, and law enforcement agencies as needed. 6. Security Awareness and Training : Foster a culture of security awareness among employees by providing training, workshops, and resources to help them understand their role in maintaining information security. 7. Compliance and Regulatory Requirements : Ensure the organization complies with relevant industry regulations and standards (such as GDPR, HIPAA, ISO 27001), and manage audits and assessments to demonstrate compliance. 8. Vendor and Third-Party Security : Assess the security posture of third-party vendors and partners, especially those with access to sensitive information, to ensure they meet the organization\'s security standards. 9. Budget and Resource Management : Manage the information security budget, allocating resources for security initiatives, tools, training, and personnel. Justify expenditures to senior leadership and demonstrate the value of security investments. 10. Security Governance : Provide regular updates on the organization\'s security posture to the executive team and board of directors. Participate in governance meetings to align security strategies with business goals. 11. Security Incident Reporting and Metrics : Establish key performance indicators (KPIs) and metrics to measure the effectiveness of the organization\'s security program. Prepare and present reports on security incidents, trends, and improvements. 12. Leadership and Team Management : Build and lead a skilled security team, including security analysts, engineers, architects, and other specialists. Foster professional growth and development within the team. 13. Play a key role in protecting an organization\'s sensitive information, maintaining its reputation, and ensuring business continuity in the face of evolving cyber threats. Qualifications: - A bachelor\'s degree in information technology, computer science, or a related field (master\'s preferred). - Relevant industry certifications such as CISSP, CISM, or CISA.

foundit