Job Role: Chief Information Security Officer
Experience: Minimum of 5-7 years of security and safety related experience, including a minimum of 2 years in a global Cloud SaaS platform products organization. Total experience cannot exceed 12 years.
Qualifications: Graduate from a recognized top tier university in India or the USA.
Ideal Certifications: CEH, CISA, CISM, CISSP among others. A B.Tech in IT Systems or CS.
Roles and Responsibilities:
- Manage the entire Cloud Solutions Information Security, Architecture and Threat metrics of the ZingHR Cloud Products Business across global geographies for its entire customer ecosystem.
- Protecting the Enterprise Digital Assets of its customers on the ZingHR Digital Platform first, with zero tolerance for error.
- Managing Cyber Security for the entire organization and its customers across geographies and time zones.
- Achieving annual security compliance processes and code security processes like VAPT, Web VAPT, etc.
- Setting up and certifying SOC teams to do internal audits and processes.
- Running constant Threat Hunting processes with the internal teams to proactively handle Cyber attacks of any kind.
- Running the Incident Response Plan, DLP Plan, Threat Modelling and DRP Plan without errors.
- Achieve Zero Trust Security in our engagement with customers along with Internal Digital Footprint management.
- Achieve Remote Working by design for our engaged workforce – in and outside of our Networks.
- Achieve successful implementation of the Privacy Framework
- Be a key team member of the leadership team with high visibility in the CIO networks.
Key Role
- Strategic Planning in consultation with key leadership team.
- Policy Planning & Implementation
- Information Security Management
- Information Security Audits
- Customer Communication with key industry CISOs/CIOs
Key Job Traits
- Decision making Skills and Authority
- Excellent communications and relationships
- Excellent written and verbal communication in English is mandatory
Key Result Areas
- Responsible for data, security & threat management, and compliance: GDPR, Privacy Provisions, Data Compliance
- Responsible for financial: constant evaluation of the information security architecture leading to optimal financial investment metrics to invest, maintain and grow this practice.
- Responsible for customer interaction: manage key customer conversations at various stages in the prospecting cycle for business where this is a must-have capability.
- Responsible for people: department team members associated with providing and facilitating security management
- A CISO must be familiar with enterprise and security architectures. You should know the practices and methods when it comes to IT strategy.
- A good background in computer networking concepts such as DNS, authentication, VPN, proxy services and DDoS mitigation technologies is necessary. Experience with TCP/IP, routing and switching is also required.
- Must be proficient in working with Windows and Unix-like operating systems. Must have experience in various programming languages like Python, Java and PHP.
- Must be able to define and develop network security architecture.
- As a CISO you are expected to help with regulatory compliance and so it is necessary to know about PCI, HIPAA, NIST, GLBA and SOX compliance assessments as well.
- Should be able to deal with frameworks like ISO 27001/27002, ITIL and COBIT.
- Know protocols that deal with intrusion detection, intrusion prevention, and firewalls.
- Techniques for ethical hacking and threat modeling, and the concepts and practices of secure coding, are also essential.