Chief Information Security Officer CISO

Profile

Chief Information Security Officer (CISO)
at **MEMBERS ONLY**SIGN UP NOW***.
Bangalore
Who are we and What do we do?
We help advertisers reach and engage with their target audience globally. We do this through a deep understanding of people, which is enabled through our algorithms that respect privacy. Today, some of the world's largest brands, agencies, developers and publishers are creating great value by using our platforms to deliver compelling proposition to their target consumers.
 
Currently, we provide over 1.4 billion mobile users with relevant advertisements that enable meaningful decisions. We display 10 billion advertisements on a daily basis!
 
What’s the **MEMBERS ONLY**SIGN UP NOW***. family like?
We are an infectious bunch. Be it the way we rise up to challenges, the cutting edge products we create, the dreams we chase or the fun we have at work. We are sure that if you meet us, you will be infected too. Today, we are proud to be the leaders in Mobile advertising and we are sure to go even higher from here. We invite you to free yourself, dream big and chase your passion. We are here today because a few of us did just that.
Your Impact
This is an opportunity to lead a diverse security team comprising of risk management, product & platform security, threat & vulnerability management and incident response capability pillars. You will own and lead the design/ execution of **MEMBERS ONLY**SIGN UP NOW***. Group’s cyber security program and provide leadership/ domain expertise to executive / technology leaders on matters pertaining to protecting digital assets and regulatory compliance. You will have the opportunity to be hands-on in Cloud Native – DevOps heavy ecosystem, while managing a diverse team with specialised focus and expertise.
Responsibilities
Leadership & Executive Engagement
: Define CISOs charter & define focus areas for **MEMBERS ONLY**SIGN UP NOW***. Group comprising of policy, process and technology controls that would act as foundation for taking risk based decisions on design, tool and spends both within & beyond cyber security.
Engage with executive / technology leaders through a KPI driven approach with a mix of technology & commercial sense.
Product Security
: Evolve culture of SSDLC and build / operate a product security testing & automation function aligned to DevSecOps philosophy with automation & developer empathy as its core constructs.
Platform Security
:Work in synergy with infra / product engineering teams in defining baseline security configuration, build continuous visiblity for detecting misconfigurations/ vulnerabilities and mature remediation practises.
Contribute in maturing modern infra delivery (IAC) and modern software supply chain(CICD/DevOps) practises at **MEMBERS ONLY**SIGN UP NOW***.
Threat & Vulnerability Management
: Detect, triage and operate remediation operations for misconfigurations / vulnerabilities across product, platform & identity plane as per defined SLA.
Security Operations
: Set the foundation for creating incident response operations to guard against security breaches through a mix of inhouse operations & managed services model.
GRC:
Operate and evolve lean GRC (governance, risk, compliance) structure with regular cadence with executive leadership & technology leaders.
Control Effectiveness & Audit Readiness
: Owning success of technology controls, create an internal mechanism of audit readiness, demonstrating compliance to external auditors / customers and own all related escalations.
Business Engagement
:Collaborate actively with business / product teams to unblock business imperatives related to cyber security.
Success Factors
13
y
ears
with mix of
Technology Risk,
Security operations ,Security engineering
2 years of management experience with direct engagement with executive leadership
Stakeholder management in global setting with 3 years of responsibility in either managing P&L orbudgeting / spend decisions in cost conscious manner.
Experience in setting or operating incident responsefunction involving internal / partner teams.
Knowledge of Risk Management practicesincluding NIST, CIS, Cloud Controls and security frameworks like OWASP, CVSS, MITRE
SME in at least 2 of the above domains.
Proficient technical & business communication skills
Ability to decide & act in ambiguit
Plan & operate with an agile mindsetin remote work setting.
Good to have:
Industry certifications e.g. CISSP, CCSP, CCSK, CISA, CISM etc.
CSP specific certifications for Azure, AWS etc.

Company info

Sign Up Now - 100KCrossing.com