Descripción del puesto

We are seeking a highly experienced and motivated Chief Information Security Officer (CISO) to lead our cybersecurity strategy and operations. The CISO will be responsible for protecting our information assets, assessing and mitigating risks, and ensuring compliance with regulatory requirements.

Key Responsibilities:

• Network and IT Assessment: Assess and audit computer networks and IT infrastructure for potential weak points. Implement solutions to address identified vulnerabilities.
• Security Measures: Establish and maintain security measures to detect, prevent, and mitigate cyber attacks. Stay updated with the latest security trends and technologies.
• Response Protocols: Develop and implement response protocols for successful cyber attacks. Coordinate with relevant teams to ensure rapid and effective response.
• Disaster Recovery: Craft and maintain comprehensive disaster recovery plans for compromised data. Ensure these plans are regularly tested and updated.
• Training and Education: Provide ongoing training and continuing education to staff on cybersecurity best practices. Foster a culture of security awareness within the organization.
• Communication with Leadership: Keep company leadership informed about the state of network security. Regularly report on security metrics, incidents, and strategic initiatives.
• Cybersecurity Investments: Develop proposals for cybersecurity investments and present them to executive leadership. Justify the need for investments with clear business cases.
• Compliance and Regulatory Requirements: Ensure compliance with relevant laws, regulations, and industry standards such as GDPR, HIPAA, and SOX.
• Risk Management: Conduct risk assessments and develop risk management strategies. Prioritize and manage information security risks across the organization.
• Vendor Management: Oversee relationships with external security vendors and service providers. Ensure third-party compliance with security policies and standards.

Requisitos

• Educational Background: A bachelor's degree in computer science, information technology, cybersecurity, or a related field. A master’s degree or MBA can be an added advantage.

• Experience: A minimum of 10 years of experience in information security and IT risk management, with at least 5 years in a leadership role such as CISO, VP of Security, or similar.

• Certifications: Relevant certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), or similar.

• Technical Expertise: Deep understanding of network security, cybersecurity frameworks (such as NIST, ISO/IEC 27001), encryption, authentication, threat modeling, and risk management.

• Regulatory Knowledge: Familiarity with compliance and regulatory requirements such as GDPR, HIPAA, SOX, and other relevant laws and standards.

• Strategic Vision: Proven ability to develop and implement a comprehensive information security strategy aligned with the business objectives of the organization.

• Incident Management: Expertise in managing security incidents, including detection, response, recovery, and communication of breaches and other security threats.

• Leadership Skills: Strong leadership and management skills with the ability to lead cross-functional teams, manage vendor relationships, and communicate effectively with senior executives and stakeholders.

• Analytical Skills: Excellent analytical and problem-solving skills to assess complex information security risks and develop effective mitigation strategies.

• Communication Skills: Exceptional verbal and written communication skills to articulate complex security concepts to non-technical stakeholders and ensure clear and concise reporting.

Beneficios

• Pase Libre on the Black plan at no cost, and discounts for family members
• Hybrid work model
• Refunds for training, courses, certifications
• Free access to e-learning platforms like Udemy
• English lessons
• Referral program
• Birthday day off