Role Overview
The Chief Information Security Officer (CISO) is responsible for leading the organization's cybersecurity strategy, governance, and operational security programs. This role oversees the development and execution of enterprise-wide information security initiatives designed to protect systems, applications, infrastructure, and sensitive data from evolving cyber threats.
The position requires a highly experienced cybersecurity leader with expertise in governance, cloud security, incident response, risk management, and security operations within large-scale or enterprise technology environments.
Key Responsibilities
Cybersecurity Strategy & Leadership
- Define and lead the organization's long-term cybersecurity roadmap, including strategic initiatives, risk reduction goals, and performance metrics.
- Develop cybersecurity objectives and reporting frameworks for executive leadership and key stakeholders.
- Build, lead, and mentor high-performing cybersecurity teams while promoting collaboration, accountability, and continuous improvement.
- Partner with business and technology leaders to align security initiatives with organizational objectives and transformation programs.
Security Governance & Risk Management
- Establish and enhance cybersecurity governance frameworks, standards, and operational controls.
- Ensure alignment with industry security standards, regulatory requirements, and data protection practices.
- Lead initiatives related to risk management, data protection, encryption, identity and access management, and privileged access controls.
- Support third-party security assessments and vendor risk management activities.
Security Operations & Incident Response
- Oversee enterprise security operations and incident response capabilities.
- Collaborate with operational security teams to strengthen detection, monitoring, and response processes.
- Lead the development and continuous improvement of security processes and controls to address evolving cyber threats.
- Ensure security practices are embedded across technology environments and software development processes.
Cloud & Emerging Technology Security
- Define security strategies for cloud platforms, containerized environments, automation, and emerging technologies.
- Drive implementation of cloud security best practices, including infrastructure security, continuous monitoring, and automation frameworks.
- Monitor emerging cybersecurity trends and evolving threat landscapes to proactively improve security posture.
Qualifications
Required
- Bachelor's degree in Information Technology, Computer Science, Engineering, or a related field.
- Minimum of 15 years of experience in cybersecurity or information security within enterprise or large-scale technology environments.
- At least 7 years of leadership experience managing cybersecurity teams and organizational security programs.
- Strong knowledge of cybersecurity frameworks, standards, and compliance requirements such as NIST, ISO 27001, and related governance models.
- Deep understanding of cloud security principles, infrastructure security, automation, and modern security architectures.
- Experience leading enterprise security operations, governance, risk management, and incident response initiatives.
- Strong communication and stakeholder management skills, including the ability to engage executive leadership and simplify complex security concepts.
- Ability to evaluate emerging cybersecurity risks and adapt security programs accordingly.
Preferred
- Industry certifications such as CISSP, CISM, CISA, or equivalent cybersecurity credentials.
- Experience supporting secure software development and enterprise transformation initiatives.
Key Competencies
- Cybersecurity strategy and governance
- Executive leadership and stakeholder management
- Risk management and compliance oversight
- Security operations and incident response
- Cloud and emerging technology security
- Team leadership and organizational development
- Analytical thinking and strategic decision-making
