Job description
We are looking for an experienced and highly skilled Chief Information Security Officer (CISO) to lead and manage the company's information security program. As CISO, you will be the go-to person who is responsible for developing, implementing, and maintaining a comprehensive security strategy to protect the organization’s information assets, systems, and data from cyber threats and ensure compliance with relevant regulations.
This includes:
Develop and implement an enterprise-wide information security strategy, policies, and procedures aligned with industry best practices and regulatory requirements
Identify, assess, and mitigate potential security risks and vulnerabilities through regular risk assessments, penetration testing, and security audits
Design, implement, and maintain security controls, including firewalls, intrusion detection/prevention systems, encryption, access controls, and other security technologies
Conduct security awareness training and education programs for employees to promote a strong security culture within the organization
Investigate and respond to security incidents, perform root cause analysis, and implement corrective measures to prevent future occurrences
Stay up-to-date with emerging cybersecurity threats, trends, and best practices, and adapt the security program accordingly
Collaborate with cross-functional teams, including IT and legal, to ensure the alignment of security initiatives with business objectives
Develop and maintain documentation, including security policies, procedures, and incident response plans
Note: This is a hands-on position
Skills and experience:
Minimum of 3-4 years of hands-on experience in information security, with a strong understanding of security principles, practices, and technologies
Proven experience in developing, implementing, and managing comprehensive security programs in a small or medium-sized organization
Strong knowledge of security frameworks, standards, and regulations (e.g., NIST, ISO, PCI-DSS, GDPR)
Expertise in risk assessment, security controls, incident response, and security auditing
Familiarity with security tools and technologies, such as firewalls, IDS/IPS, SIEM, vulnerability scanners, and encryption solutions
Knowledge of cloud security principles and practices
Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)
Strong analytical, problem-solving, and decision-making skills
Excellent communication and interpersonal skills, with the ability to effectively communicate complex security concepts to both technical and non-technical audiences