Description
About invenioLSI The largest independent global SAP solutions provider serving the public sector as well as offering specialist skills in media and entertainment. We bring deep expertise combined with advanced technologies to enable organizations to modernize so they can run at the speed of today’s business. We know how to navigate the extraordinary complexities of international businesses and public sector organizations, working with stakeholders to drive change and create agile organizations of tomorrow using the technologies of today. Learn more at www.invenioLSI.com. Role – Chief Information Security Officer Summary The CISO is responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. This includes overseeing the organization’s cybersecurity posture, developing policies and procedures, and managing risk mitigation efforts. Responsibilities
Develop and implement an enterprise-wide information security strategy.
Align security initiatives with business goals and regulatory requirements.
Communicate cybersecurity risks, programs, and initiatives to executive leadership and the board of directors.
Conduct regular risk assessments and ensure appropriate risk mitigation strategies are in place.
Monitor emerging threats and adjust security measures as needed.
Oversee the development and enforcement of cybersecurity policies, standards, procedures, tools, and technologies.
Involves understanding each business group's functions and vulnerabilities and developing tailored risk management processes.
Ensure compliance with applicable laws, regulations, and standards (e.g., ISO 27001, ISO 27701, ISO 22301, NIST, GDPR, OWASP 10, SANS 25).
Ethical Hacking, VA/PT, security of third-party cloud infrastructure e.g., AWS.
Manage security audits and regulatory examinations.
Collaborate with legal and compliance teams to address governance requirements.
Lead the design and implementation of security technologies and tools.
Oversee incident response plans and ensure timely resolution of security incidents.
Monitor and analyze security performance metrics.
Develop and implement mitigation strategies to prevent future occurrences, ensuring the business safety posture.
Partner with IT, legal, finance, HR, and other departments to integrate security into all aspects of the organization.
Work with vendors and third parties to ensure robust security practices.
Skills and Qualifications
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field (Master’s preferred).
At least 10 years of experience in information security management roles.
Certifications such as CISSP, CISM, CISA, or equivalent.
In-depth knowledge of cybersecurity frameworks (e.g., NIST, ISO 27001), tools and technologies.
Strong leadership and communication skills, with the ability to influence stakeholders.
Experience with cloud security, endpoint protection, and modern security architectures.
Deep understanding of technology and cybersecurity trends.
Business Skills
Strategic thinking and problem-solving abilities.
Ability to handle high-pressure situations, such as breaches or incidents.
Excellent interpersonal and organizational skills.
Build, lead, and mentor a skilled information security team.
Promote a culture of security awareness across the organization.
Provide training and development opportunities for team members.
invenioLSI is an Equal Opportunity Employer that does not discriminate based on actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex or gender (including pregnancy, childbirth and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status, military service and veteran status, disability, genetic information, or any other characteristic protected by applicable federal, state or local laws and ordinances. invenioLSI’s management team is dedicated to this policy with respect to recruitment, hiring, placement, promotion, transfer, training, compensation, benefits, employee activities, access to facilities and programs and general treatment during employment.
