Chief Information Security Officer (CISO)

Hyderabad, India | Milestone Technologies, Inc.

  • Industry:
    Information Technologies
  • Position Type:
    Full-Time
  • Functions:
    IT / Information Technology
  • Experience:
    5-7 years
Job Description:

Position Summary


Reporting to the Chief Operating Officer (COO), with a matrix reporting relationship to the India-based Development Centre Leader & Regional General Manager, this role serves as the focal point for Information Security policy and internal operations for Milestone on a global basis. 


Key Responsibilities 


Define, implement and manage a comprehensive IT security program that supports corporate business objectives, ensures adherence to regulatory requirements and continually focuses on improving our security posture

Collaborate with global, cross-functional teams and senior business leaders to provide the corporate vision and define the Information Security strategy; effectively balance the business needs of our internal stakeholders and customers in addition to focusing on adherence to regulatory and compliance needs

Use a risk-based approach to provide leadership, direction and prioritization in assessing and evaluating information security risks across the organization with a high level of integrity and discretion, positioning the identified risks with executives and ensuring the execution of the agreed-upon mitigation/remediation steps

Socialize the resulting strategy to create alignment and support for these goals and initiatives, communicating regularly to ensure that leadership at all levels is informed about efforts and trends impacting the overall effectiveness of the information security programs; determine key performance criteria and metrics

Identify and advocate for investments to achieve the security strategy by aggressively managing capital and operating budgets and providing thorough ROI analyses for recommended new IT spend, as appropriate

Assume responsibility for the ongoing development and implementation of the information security project portfolio, incident response and security policy frameworks, security compliance activities, threat and vulnerability management, as well as administration of the Milestone information security training and awareness program, providing specialized triaging in areas of high sensitivity

Define, drive and manage the corporate information security technology architecture spanning security solutions across the enterprise, continually keeping abreast of new solutions and positioning them within the enterprise

Define security requirements to allow for corporate and external service compliance with industry standards including HIPAA, PCI, SOC2, SOX, Privacy Shield, GDPR and other regulatory data handling

Evangelize compliance requirements across the enterprise, partnering with cross-functional teams to ensure compliance and, when required, leading these teams in cross-functional efforts

Ensure execution of required testing and auditing activities by internal and external parties leading to the successful certification of the company on an ongoing basis

Lead, recruit, mentor and develop an IT Compliance Analyst (Hyderabad) to assist with IT Security and Compliance tasks

Qualifications

Person Profile


Bachelor’s Degree and minimum of 5 years of relevant industry experience required

Seasoned information security expert with a solid external reputation who has built/led a broad security organization, set strategic direction at the executive level, engaged with senior leaders, influenced/gained consensus on key initiatives, and has a record of measurable results

Technically conversant and able to be hands-on, with a demonstrated track record of success in an organization of similar size and scale, having influenced growth, strategic direction and change

Experience implementing risk management programs that can effectively identify, prioritize and manage security-related risks for the business; e.g., SOX, PCI-DSS, HIPAA and GLBA

Experience implementing information security management frameworks (e.g. ISO/IEC 27001, ISO/IEC 27017/27018, CIS, NIST 800-53, etc.)

Demonstrated experience with developing and implementing an information security awareness and training program

Demonstrated success working with internal audit, external auditors, outside consultants, and legal affairs in a lead capacity

Demonstrated experience with large-scale projects and transformational initiatives

Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM) or related certifications strongly desired

Self-starter who can effectively function with minimal day-to-day oversight and who thrives on a dynamic and aggressive business challenge

Strong intellectual curiosity to learn about relevant emerging IT trends, such as Artificial Intelligence, and solve customer problems in innovative ways

Excellent verbal and written communication skills required

