Chief Infosec Officer

We are seeking an experienced Information Security Risk Officer to coordinate security steering committee activities, develop and maintain information security management systems, and conduct periodic reviews and risk assessments.

• Coordinate Security Steering Committee activities
• Develop and maintain Information Security Management System including development of policies and processes related to information security based on standards
• Develop a risk management framework
• Conduct periodic reviews/risk assessments to ensure risks are addressed to be in compliance with internal/external auditors and regulatory requirements
• Maintain the inventory of all PKI assets along with IT Operations Team
• Maintain ISMS certification against international standards such as ISO 27001 or NIST CSF
• Develop and maintain a data classification program
• Maintain Certification Authority risk register
• Develop vulnerability assessment plan, coordinate vulnerability assessment and penetration testing tasks, develop and present vulnerability assessment reports to Management
• Manage security incident response within the Certification Authority
• Develop and conduct security awareness programs and sessions
• Develop and maintain Business Continuity Management program
• Prepare monthly reports on Certification Authority security status

This role requires strong leadership skills, strategic thinking, and effective communication. The successful candidate will have experience in information security management, risk assessment, and audit compliance.

Seniority Level: Mid-Senior level | Employment Type: Full-time | Job Function: Information Technology