Chief Information Security Officer (CISO)

Summary:

As Windmill Digital's CISO, you'll play a pivotal role in guiding our information security and data privacy initiatives. We seek a seasoned professional to leverage their extensive knowledge and hands-on expertise to fortify our cybersecurity posture, aligning with our growth trajectory.

Key Responsibilities:

• Security Architecture & Strategy:
• Design and develop a holistic information security and data privacy program, scaling with company growth
• Formulate best practices and set security standards, while preparing and documenting SOPs and protocols
• Spearhead security assessment processes, encompassing penetration testing, vulnerability management, and secure software development
• Expand security tooling and automation efforts across the organization
• Threat Management & Mitigation:
• Proactively spot security issues and threats, devising robust processes and systems to safeguard against them
• Steer compliance endeavors, including external audits, regulatory compliance initiatives, and overarching security evaluations
• Convey infosec and data privacy operational goals, relaying their impact to stakeholders
• Stakeholder & External Communication:
• Engage with outside stakeholders, encompassing customers, partners, compliance bodies, and other legal/regulatory authorities
• Deliver strategic risk guidance, evaluating and suggesting technical standards and controls
• Set in place a robust incident management process
  

Qualifications:

• 5 to 8 years of proven information security management experience
• Bachelor’s degree in Computer Science, Cybersecurity, or related fields
• Certifications like CISSP and/or CISA are preferred
• Expertise in compliance, especially in frameworks such as COBIT, ITIL, ISO27001/2, NIST, and SOC2
• Hands-on experience in security assessment, cloud architecture, threat modeling, and policy drafting
• In-depth comprehension of Secure SDLC, DevSecOps, or security automation
• Ability to communicate effectively with external Data Privacy and Info Sec representatives
• Knowledge of key legislations like HIPAA, SOX, PCI, and GDPR
• ISO27001 auditor or implementer experience can be additional plus
  
  

About Windmill:

Windmill Digital is a boutique digital product delivery company, creating solutions that address modern challenges. Our clientele ranges from innovative startups to multinational corporations. We also nurture our in-house products under Windmill Ventures. With our headquarters in Switzerland, our diverse team is scattered across the UK, USA, Portugal, Ukraine, and India.

Benefits:

• A flexible work culture, emphasizing autonomy over when and where you work
• Competitive remuneration and perks
• An inclusive environment fostering diversity and international collaboration
• Engaging tasks with opportunities for career growth
• Periodic performance reviews, synchronized with promotional cycles
  
  

Equal Opportunities at Windmill:

We champion diversity at Windmill Digital, providing equal employment opportunities to all candidates, regardless of age, religion, ethnicity, sexual orientation, or disability.

Application Process:

Feel you resonate with our ethos and the role? Send your CV our way and let's initiate a conversation.

For more about us, navigate to: https://www.windmill.digital.

Powered by JazzHR

woaEKLjSQt