Job description

The Head of Information Security and Data Privacy will oversee enterprise information security, cloud and application security, compliance with standards like ISO/SOC/PCI DSS, and ensuring data privacy laws such as GDPR and CCPA are met. Key duties include cloud security management, application security development, and security automation.

Responsibility

• Design, implement and manage security measures for cloud infrastructure.
• Conduct regular security assessments and audits of cloud environments.
• Develop and implement strategies for securing applications throughout the SDLC.
• Perform application security assessments, penetration testing, and vulnerability assessments.
• Develop and implement incident response plans.
• Monitor and analyze security logs.
• Ensure compliance with security standards and regulations.
• Implement and maintain security automation tools.
• Lead GDPR and CCPA compliance programs.
• Conduct privacy impact assessments (PIAs).

Qualifications

• 18+ years of experience in a relevant field.
• Proven expertise in developing and implementing enterprise strategies for information and technology risks.
• Familiarity with common information security management frameworks such as ISO/IEC 27001 and NIST.