Job Role: Chief Information security Officer

Experience: Minimum of 5 -7years experience in security and safety related experience, including a minimum of 2 years in a Cloud SAAS platform products global organization. Total Experience cannot exceed 12 years.

Qualifications: Graduate from a recognized top tier university in India or the USA.

Ideal Certifications: CEH, CISA, CISM , CISSP among others. A B.Tech in IT Systems or CS.

Roles and Responsibilities:

• Manage the entire Cloud Solutions Information Security , Architecture and Thtreat metrics of the ZingHR Cloud Products Business across global geographies for its entire customer ecosystem.

Job Responsibilities

• Protecting the Enterprise Digital Assets of its customers on the ZingHR Digital Platform first with tolerance for 0 error.
• Managing Cyber Security for the entire organization and its customers across geographies and time zones.
• Achieving Annual Processes of security compliance’s and code security processes like VAPT, Web VAPT etc
• Setting up and certifying SOC teams to do internal audits and processes.
• Running constant Threat Hunting processes with the internal teams to proactively handle Cyber attacks of any kind.
• Running without errors Incidence Response Plan, DLP Plan , Threat Modelling and DRP Plan.
• Achieve Zero Trust Security in our engagement with customers along with Internal Digital Footprint management.
• Achieve Remote Working by design for our engaged workforce – in and outside of our Networks.
• Achieve successful implementation of the Privacy Framework
• Be a key team member of the leadership team with high visibility in the CIO networks. Key Role

Summary

• Strategic Planning in consultation with key leadership team.
• Policy Planning & Implementation
• Information Security Management
• Information Security Audits
• Customer Communication with key industry CISO/CIOS

Key Job Traits

• Decision making Skills and Authority
• Excellent communications and relationships
• Excellent written and verbal communication in English is mandatory

 Key Result Areas

• Responsible for data , security & threat management , compliance’s: GDPR, Privacy Provisions, Data Compliance’s
• Responsible for financial: constant evaluation of the information security architecture leading to optimal financial investment metrics to invest, maintain and grow this practice.
• Responsible for customer interaction: manage key customer conversations at various Stages in the prospecting cycle for business where this is a must have capability.
• Responsible for people: department team members associated with providing andn facilitating security management

Technical Skills

• A CISO must be aware of the architectures of enterprise and security. You should know the practices and methods when it comes to IT strategy.
• A good background in computer networking concepts such as DNS, authentication,
• VPN, proxy services and DDOS mitigation technologies is necessary. Experience with
• TCP/IP, routing and switching is also required.
• Must be proficient to work with Windows and Unix like operating systems. One must have experience in various programming languages like Python, Java and PHP.
• Must be able to define and develop network security architecture.
• As a CISO you are expected to help with regulatory compliance and so it is necessary to know about PCI, HIPAA, NIST, GLBA and SOX compliance assessments as well.
• Should be able to deal with frameworks like ISO 27001/27002, ITIL and COBIT.
• Know protocols that deal with intrusion detection, intrusion prevention, and firewalls.
• Techniques for ethical hacking and threat modeling and also the concepts of practices for secure coding is also essential.