Head of IT Security

We are looking for an experienced Head of IT Security with a background in IT product development to manage and oversee all information security matters within our company.

Responsibilities:

• Security Strategy and Planning : Developing and implementing a thorough information security strategy and roadmap to address current and future threats vulnerabilities and risks

• Security Leadership : Providing strategic direction and leadership for the Information Security team ensuring alignment with business objectives industry standards and best practices

• Risk Management : Overseeing risk assessment and management processes identifying and prioritizing security risks and implementing appropriate controls and mitigation strategies

• Governance Compliance and Regulatory : Ensuring ongoing compliance with relevant regulations and standards like ISO 27001 ISO 27017/18 SOC 2 Type HIPAA GDPR etc.

• Vendor and Third-Party Risk Management : Supervising the evaluation and management of security risks associated with third-party vendors and partners

• Security Awareness and Training : Developing and implementing security awareness programs to educate employees and promote a culture of security awareness and compliance

• Security Governance and Compliance : Establishing and maintaining security policies standards and procedures to ensure compliance across the organization

• Security Metrics and Reporting : Defining and tracking key security metrics to evaluate the effectiveness of security controls and reporting on security status to executive leadership and stakeholders

Qualifications:

• Bachelor’s degree in Computer Science Information Security or related field

• Industry certifications such as CISSP CISM CISA or equivalent

• 3+ years experience in information security leadership roles in SaaS domain / +7 years experience in the information security field overall

• Good knowledge of security frameworks standards and regulations including ISO 27001 SOC 2 HIPAA GDPR etc

• Strong understanding of cloud security principles and best practices particularly in AWS/Azure

• Experience in managing security incidents and leading incident response

• Good communication and interpersonal skills with the ability to effectively communicate security-related questions to technical and non-technical stakeholders (employees customers or partners)

• Project management skills with the ability to manage projects such as processes implementation and improvement security systems implementation

• Ability to collaborate cross-functionally and influence stakeholders at all levels of the organization