Describe the job profile summary or purpose of the requested job
The Chief Information Security Officer (CISO), reporting into the Chief Information Officer (CIO), will have end-to-end 1st line accountability for the cybersecurity of the client. The CISO will be required to define the strategy and implement the necessary framework and controls to continuously improve the client's cybersecurity posture in today’s ever-evolving cybersecurity landscape.
The candidate will fit in best with the company culture if they value honesty, integrity, reliability, and can interact, communicate with, and share knowledge with colleagues at all levels, whilst treating them with the utmost respect and professionalism.
Describe the main activities of the job (description)
- Provide leadership and oversight by setting the direction and implementing the strategy and operating model for the cybersecurity function, aligned to the business strategy.
- Establish a security roadmap to deliver contemporary capabilities to proactively deal with and respond to the evolving threat landscape, and to meet changing business and regulatory requirements.
- Develop and implement cybersecurity policies, standards, and guidelines.
- Build and manage a strong team capable of managing cyber risks and responding to day-to-day threats.
- Establish strong governance and assurance controls and processes to continuously measure and improve coverage and operating effectiveness of controls.
- Perform periodic risk assessments to proactively identify and mitigate cyber risks.
- Engage with business units to ensure consistent application of cybersecurity controls across all business processes, projects, and technology systems.
- Partner with stakeholders across business units to cultivate a strong culture of cyber security at all levels, underpinned by a comprehensive ICS training and awareness plan.
- Measure and monitor the cybersecurity risk profile and posture, and report to appropriate committees and stakeholders.
- Monitor local regulatory and technical developments to ensure that cybersecurity policies are in line with these developments and engage.
- Participate and represent cybersecurity risks in various committees and forums to provide updates and influence positive outcomes for the business.
- Support external audits and reviews including regulatory reviews.
Minimum qualifications/experience (required for the job)
- Bachelor's or master’s degree with additional specialization in Information Systems Security.
- Minimum of 15 years of cybersecurity experience, of which a minimum of 5 years in a senior management capacity.
- Experience in managing cloud security in banking and financial services will be a big plus.
- Thorough knowledge of industry-leading frameworks and standards such as NIST CSF, ISO27001, etc.
- Experience in implementing and automating cybersecurity controls for CI/CD pipelines will be a plus.
- Professional security management certification, such as CISSP, CISA, CISM or CISP.
- Strong knowledge of cloud security architecture and the controls required to protect IaaS and PaaS for public clouds.
- Strong knowledge of vulnerability and threat management, security logging and monitoring, and identity and access management.
- Strong interpersonal and stakeholder management skills to influence key decisions taken by business and leadership teams.
- Proven success in managing risks and crisis situations.
- Strong knowledge of local regulatory and compliance requirements related to cybersecurity.
- Identifies, understands, and acts on broader opportunities in order to drive longer-term, value-adding change. Applies judgement effectively. Identifies and acts on market and/or competitor trends/opportunities to set, develop and drive out strategic value-adding change.
Leading with Influence
- Influences and rallies people behind common goals and inspires others to exceed expectations. Actively supports the growth and performance of people around them. Communicates clear strategies and objectives for own function.
- Proactively establishes and maintains relationships. Is values-driven in relating to others. Engenders trust, respect, and the building of meaningful relationships across a variety of contexts. Able to handle a wide range of relational challenges, including conflict and confrontation, to collaborate across boundaries.
- Puts the customer at the heart of business decisions and drives to improve value for customers. Builds inspiring customer relationships. Is a customer champion and is responsive to customer needs so as to improve our speed to market.
- Displays consistent energy, drive, and perseverance in order to deliver results. Demonstrates a willingness to take calculated risks to achieve stretch performance goals.
- Demonstrates ability to relate to challenges from a range of diverse but relevant perspectives. Generates creative/out-of-the-box solutions.
- Challenges the status quo and/or demonstrates ability to relate to challenges from a range of diverse but relevant perspectives.
- Generates new perspectives that allow a more creative approach to be followed. Willing to take calculated risks when introducing novel ideas.
Personal Mastery (Learning)
- Learns and actively works to build self-awareness; develops through experience and feedback from others. Copes effectively with stress and has the resilience to take on stretching and challenging assignments which carry a risk of failure. Adjusts effectively to work within new work structures, processes, requirements, or cultures.