Total 21 Director/C-Level research officer job vacancies in Legal / Public / Security category in The United States of America

The Game Changers:
At AP+ we're changing the game! We're doing big things, and we can't do it alone. We're part of a big ecosystem, and we know teamwork and passion for our purpose is what will make us successful. We value the unique talents, perspectives, of all our employees. This includes people of all gender identities and sexual orientations, First Nations Peoples, people of all abilities and diverse backgrounds, as well as their families. AP+ brings together Australia’s three domestic payment providers, BPAY Group, eftpos and NPP Australia, into one integrated entity. Bringing these businesses together enables AP+ to create a more competitive and coordinated Australian payments organisation that is strategically placed to respond to the impacts of regulatory and technological change today, and into the future.

The Purpose:

At Australian Payments Plus (AP+), we're on a mission to revolutionise the payments industry and ensure the security of payments infrastructure across Australia. As the Chief Information Security Officer (CISO), you will play a critical role in safeguarding AP+ systems and data from cyber threats.

As the CISO, you will provide strategic and operational leadership for AP+'s information security program. You will develop and implement comprehensive security initiatives, policies, and procedures to protect our systems, networks, and data. You will be responsible for identifying and mitigating risks, managing security incidents, and ensuring compliance with relevant regulations and standards.

In addition, you will drive a culture of security awareness and promote best practices across the organisation. You will collaborate with cross-functional teams to integrate security into the development lifecycle and provide guidance on secure coding practices. You will also stay up to date with the latest industry trends and emerging threats to continuously enhance AP+'s security posture.

As the CISO your key responsibilities will be:

• Cyber Security Management
• Identity & Access Management
• Risk Management
• Security Architecture
• Testing, Compliance & Certifications
• Partner & Vendor Management
• People Leadership

In order to be considered for the CISO role you will need to demonstrate:

• Tertiary qualifications in Computer Science, Information Technology, or a related discipline.  And/or equivalent relevant knowledge and experience. 
• Professional security management certification such as CISM, CISSP or equivalent.
• Robust and proven experience leading and growing security functions in innovative, leading edge and fast paced environments.
• 10+ years’ experience in risk management and information security in a technical environment
• Experience leading, directing and developing technical staff in the execution of security program and project initiatives.
• Experience with contract and vendor negotiations and management including managed services.
• Experience with Cloud computing.
• Experience creating, testing and maintaining business continuity management and disaster recovery plans.
• Effective interpretation of security-related data allows CISOs to detect potential security threats.
• In-depth technical knowledge of cybersecurity tools and concepts, such as intrusion detection systems, firewalls, risk identifying tools and SIEM systems
• Strong understanding of information security, risk, privacy, and regulatory compliance
• Extensive knowledge of risk management techniques.
• Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams.
• Familiarity with relevant regulations and standards (e.g., PCI-DSS, ISO 27001).

What’s Next:
We know applying for a role can be a nerve-wracking experience, so we endeavor to review applications and plan to schedule screening interviews within the next two weeks. If you are among selected candidates, we’ll be in touch to schedule a phone interview. In any case, we will keep you posted on the status of your application.
We want to remove all barriers to inclusion so if you need advice or support with your application, we’re here to help. Please reach out to recruitment@auspayplus.com.au We also encourage you to let us know your pronouns at any point during the recruitment process.

AP+ are not partnering with Recruitment agencies for this role.

The main duties and responsibilities are detailed in the job description attached in the advert. The post holder will lead the Cyber Security team to deliver the Cyber and IG elements of the Digital Strategy. To ensure robust policies and processes are in place and monitored. Lead and support the wider governance agenda in digital including achieving the Data Security Protection Toolkit, managing Digital Change Control, Incident Management, Risk Management, Audit and action planning.

Chief Information Security Officer for ISS Singapore

Reporting functionally to the Global CISO - Head of ISS in CACIB Paris, and hierarchically to the Head of ISAP, he/she is:

- CISO of Singapore Branch

- Head of APAC/ME ISS filière, that coordinates Information Security on the APAC/ME region.

He/She is in charge of assessing the Information System Security risks, and piloting necessary actions to remediate or reduce the risk, relying of local staff when it comes to ensuring local regulations are taken into account.

He /She plays a role in alerting and counseling and contributes, along with other actors, to ensure the global security of the IS in coordination with Head Office.

The Singapore CISO:

- Manages hierarchically the Singapore ITSO (IT security Officers), ISAP CLSi (part time), and “ISS Singapore filière” staff

- Manages functionally the ITSOs in APAC/ME countries

- Manages functionally the CISOs in APAC/ME countries when the function exists

- Manages functionally and coordinates the CLSi (Local Information Security Coordinator) in APAC/ME. Note that the global CLSi network is overseen by the CISO Deputy in ISS Paris, to ensure a global coordination and communication is done for all regional areas, and to set the common yearly roadmap.

His/Her main missions are:

- Contribute to the definition of the ISS strategy for the company and foster the implementation of this strategy on his perimeter

- Evaluate and manage risks to ensure the company is protected at an adequate level, and alert if need be

- Enforce IT security standards

- Contribute to the management of security incidents and vulnerabilities

- Monitor action plans

- Monitor employee and IT developers’ awareness program about information system security issues

- Coordinate the watch for his perimeter

- Review permanent controls level 2.1 for his domain of responsibility, and follow the reporting of these results to the Risk departments and ISS France

The ISS ASIA/ME filière:

- Participates to the ISS governance set by ISS France and CA group and organizes the governance the regional perimeter to take into account possible local regulations, and discuss their impact with ISS France

- Coordinates at a regional scale with other country CISO, ITSO and CLSi

- Builds and follow up security indicators for the region, aggregates all security cost for the ISS, and ensures a reporting is in place for executive management and ISS France

- Aggregates permanent controls level 2.1 for the region to have a consolidated view to share with ISS France

**PREVIOUS APPLICANTS NEED NOT APPLY**

The role will be based in Digital Services at the Liverpool Innovation Park.

Liverpool University Hospitals NHS Foundation Trust has embarked on a journey to provide great care for our patients.

We are a front line digitisation trail blazer on the national EPR programme. Together we will underpin the care that our hospitals provide with a robust digital infrastructure, comprehensive suite of digital solutions and a wealth of digital intelligence.

Our team is on a mission that positions our organisation as the leader for digital health excellence in Liverpool, the North West and nationally. Using our strong academic ties, we will help create a digital blueprint for others to follow.

Our digital strategy clearly sets out our great ambition, which delivers a progressive and cohesive portfolio of digital solutions to front-line staff over the next five years. We have recently commenced our Care Record Liverpool programme, CaRL. We will modernise how we support our patients and staff inside and outside of our hospitals.

The post holder is responsible for leading:-
the management, development and leadership of the Cyber Security team of the Trust

Responsible for the development, implementation and monitoring of cyber security policy in the Trust
To oversee, and ensure assurance can be provided regarding, the robust protection of Trust and patient data, as well as the protection of infrastructure and assets from malicious activity and actors.
To work collaboratively with NHS England and 3rd party suppliers, including senior managers within Digital Services, in the planning and delivery of the CS and IG agenda across the Trust and act on behalf of the CIO, as required.

Ensuring compliance with the Data Protection and Security Toolkit and other regulatory guidelines.

Providing leadership and a clear vision for implementation of CS as part of the cyber and wider Digital strategy ensuring that effective systems and processes are in place to support the deployment of systems and the modernisation of health services.

To ensure the implementation of the Cyber strategy underpins and aligns with the Aug 2023 Trust’s digital strategy and wider Trust strategy and vision and to be an expert and specialist source of advice and guidance.

Liverpool University Hospitals NHS Foundation Trust was created on 1 October 2019 following the merger of two adult acute Trusts, Aintree University Hospital NHS Foundation Trust and the Royal Liverpool and Broadgreen University Hospitals NHS Trust.

The merger provides an opportunity to reconfigure services in a way that provides the best healthcare services to the city and improves the quality of care and health outcomes that patients experience.

The Trust runs Aintree University Hospital, Broadgreen Hospital, Liverpool University Dental Hospital and the Royal Liverpool University Hospital.

It serves a core population of around 630,000 people across Merseyside as well as providing a range of highly specialist services to a catchment area of more than two million people in the North West region and beyond.

To hear more about our achievements click here https://www.liverpoolft.nhs.uk/media/13089/1606-annual-report-booklet_final.pdf

Follow us on Social Media:

Facebook – Liverpool University Hospitals Careers

Instagram - @LUHFTcareers

Twitter - @LUHFTcareers

The main duties and responsibilities are detailed in the job description attached in the advert.

The post holder will lead the Cyber Security team to deliver the Cyber and IG elements of the Digital Strategy.

To ensure robust policies and processes are in place and monitored.

Lead and support the wider governance agenda in digital including achieving the Data Security Protection Toolkit, managing Digital Change Control, Incident Management, Risk Management, Audit and action planning.




This advert closes on Tuesday 7 May 2024

We are seeking a highly skilled and experienced Chief Legal Officer (CLO) with expertise in international government filings and US financial regulations to join our dynamic team. you will be responsible for overseeing and managing all legal matters related to regulatory compliance and government interactions across our global operations, playing a pivotal role in shaping the company's legal strategy and ensuring compliance with international laws and regulations

Responsibilities:

• Develop and implement strategies for managing and optimizing international government filings, including regulatory submissions, permits, licenses, and other required documentation.
• Collaborate with internal stakeholders, including executives, department heads, and legal teams, to ensure alignment with business objectives and regulatory requirements.
• Collaborate with external legal counsel and advisors as needed to address complex legal issues and ensure the company's interests are protected.
• Advising on the legal aspects of fundraising strategies, including private placements, public offerings, crowdfunding, and other fundraising methods.
• Drafting and reviewing offering documents, such as private placement memorandum (PPMs), prospectuses, subscription agreements, and other disclosure materials.
• Ensuring compliance with securities registration requirements or exemptions under Regulation CF, Regulation D, Regulation S, Regulation A+, or other exemptions available under US securities laws.
• Conducting due diligence on investors and potential counterparties to ensure compliance with AML/KYC requirements and mitigate legal risks.
• Negotiating and structuring investment transactions, including equity investments, debt financing, convertible securities, and other financial instruments.
• Manage relationships with government agencies, regulatory bodies, and other external stakeholders to facilitate efficient and effective communication and compliance.
• Provide leadership and guidance to the legal team, fostering a culture of excellence, collaboration, and continuous improvement.
• Conduct internal audits and assessments to identify areas of non-compliance or potential risk and develop strategies to address them.
• Represent the company in legal proceedings, negotiations, and other interactions with governmental entities as necessary.
• Stay abreast of changes in international laws and regulations that may impact the company's operations and provide proactive guidance to mitigate risks.

Requirements

• Juris Doctor (J.D.) Degree from an accredited law school.
• Admission to the bar in at least one jurisdiction; additional admissions preferred.
• Minimum of 7 - 10 years of experience practicing law, with a focus on international regulatory compliance and government filings.
• Excellent communication and interpersonal skills, with the ability to effectively collaborate and negotiate with internal and external stakeholders.
• Demonstrated leadership abilities, with experience managing and developing high-performing legal teams.
• Strategic thinker with the ability to anticipate and mitigate legal risks while supporting business objectives.

Desirable Experience (Added Advantage):

• Proven track record of success in managing complex legal matters, regulatory challenges and experience in the fintech industry with familiarity on the unique legal challenges and regulatory frameworks governing financial technology companies. This includes compliance with financial regulations (e.g., KYC, AML, GDPR, PSD2)
• Deep understanding of US financial regulations such as the Securities and Exchange Commission (SEC), the Commodity Futures Trading Commission (CFTC), the Financial Industry Regulatory Authority (FINRA), and other federal and state regulatory bodies

We are seeking a highly skilled and experienced Chief Legal Officer (CLO) with expertise in international government filings to join our dynamic team.

Job Description:

As the Chief Legal Officer (CLO) specializing in international government filings, you will be responsible for overseeing and managing all legal matters related to regulatory compliance and government interactions across our global operations. You will play a pivotal role in shaping the company's legal strategy and ensuring compliance with international laws and regulations.

Responsibilities:

• Develop and implement strategies for managing and optimizing international government filings, including regulatory submissions, permits, licenses, and other required documentation.
• Collaborate with internal stakeholders, including executives, department heads, and legal teams, to ensure alignment with business objectives and regulatory requirements.
• Stay abreast of changes in international laws and regulations that may impact the company's operations and provide proactive guidance to mitigate risks.
• Oversee the preparation and review of legal documents, including contracts, agreements, and regulatory filings, to ensure accuracy and compliance with applicable laws.
• Manage relationships with government agencies, regulatory bodies, and other external stakeholders to facilitate efficient and effective communication and compliance.
• Provide leadership and guidance to the legal team, fostering a culture of excellence, collaboration, and continuous improvement.
• Conduct internal audits and assessments to identify areas of non-compliance or potential risk and develop strategies to address them.
• Represent the company in legal proceedings, negotiations, and other interactions with governmental entities as necessary.
• Advise senior management on legal matters related to international government filings, offering strategic insights and recommendations to support informed decision-making.
• Collaborate with external legal counsel and advisors as needed to address complex legal issues and ensure the company's interests are protected.

Qualifications:

• Juris Doctor (JD) degree from an accredited law school.
• Admission to the bar in at least one jurisdiction; additional admissions preferred.
• Minimum of 7 - 10 years of experience practicing law, with a focus on international regulatory compliance and government filings.
• Proven track record of success in managing complex legal matters and regulatory challenges within a global context.
• Strong understanding of international laws and regulations, with expertise in areas such as [specific regulations relevant to the industry].
• Excellent communication and interpersonal skills, with the ability to effectively collaborate and negotiate with internal and external stakeholders.
• Demonstrated leadership abilities, with experience managing and developing high-performing legal teams.
• Strategic thinker with the ability to anticipate and mitigate legal risks while supporting business objectives.
• Detail-oriented and organized, with the ability to manage multiple priorities and deadlines effectively.

PRIMARY DETAIL

Lead the development, implementation and support of ICT best practice standards and ensuring compliance to deliver secure and reliable systems.

• A competitive salary package commensurate with skills and experience will be negotiated with the successful applicant.
• Full-time, fixed term for 5 years at Macquarie University, Wallumattagal Campus, North Ryde.
• Work with a strong collaborative IT team, hybrid working arrangement.

THE ROLE

Macquarie University is seeking an innovative and experienced Chief Information Security Officer to develop and implement Macquarie University’s information technology (IT) security strategy whilst protecting the business from information security breaches and cyber environment threats.

You will manage and oversee all information technology security operations for the University, provide advice to enable high-quality information risk decisions, and drive a robust plan to uplift cyber security understanding across the organisation.  

This is an important appointment, and an exciting time to join the MQ IT Senior Leadership team, as they forge ahead together to deliver on Macquarie University’s ambitious digital transformation.

About You

The successful candidate will be a transformational leader with excellent interpersonal and communication skills, superior critical analysis and strategic influencing capability.

You will have comprehensive knowledge of emerging cyber security technologies and risks.  Your will leverage your knowledge of technology trends to understand how the application of emerging technology can enhance cyber security.  You will have a business focused approach considering the broader organisation context to develop solutions and security strategies that support the operation of the University.

About Us

Macquarie is a university engaged with the real and often complex problems and opportunities that define our lives. Since our foundation 60 years ago, we have aspired to be a different type of university. Over the years, we have grown to become the centre of a vibrant local and global community. Connect with us today.

We rank amongst the top employers in the Australian Workplace Employers Index, having recently earned a five-star rating in the QS World Rankings with the highest rating for employability. Take a look at the staff benefits on offer.

To Apply

To be considered for this position, please apply online and attach your resume and a separate cover letter that outlines how you meet to the selection criteria below:

• Tertiary qualifications in IT, computer science, or a related field, and/or experience in information security, programming, risk management, and/or cybersecurity.
• Experience in delivering a cyber security strategy and roadmap for large and complex organisations.
• Experience in managing cyber security incidents by early identification and limiting organisational damage.
• Experience in working with managed security providers and external security operations centres.
• Proven ability to rate the severity of cyber-attacks and data spills.
• Strong understanding of security products in the market to address common security risks.
• Practical understanding of Higher Education and Healthcare sector laws and regulations.

*This position requires Criminal History Check and Qualifications Check.

All Enquiries: Min-Ha Choo, HR Manager via email minha.choo@mq.edu.au.  

Applications Close:  Sunday, 31 March 2024 at 11:59pm (AEST).

If you're already part of the Macquarie Group (MQ University, U@MQ, MQ Health, MGSM), you'll need to apply through your employee Workday account. To apply for this job: Login to Workday and go to the Careers App > Find Jobs.

Applications Close:

31/03/2024 11:59 PM

Diversity and Inclusion

Equifax is where you can power your possible. If you want to achieve your true potential, chart new paths, develop new skills, collaborate with bright minds,  and make a meaningful impact, we want to hear from you.

Synopsis of the role:

The Business Information Security Officer (BISO) position is responsible for maintaining the confidentiality, integrity, and availability of our customer’s data and the security of the assets of the company for an assigned Business Unit / COE/Region. The BISO will understand business strategy, life cycle, and trends and infuse this point of view into Global Security at large. The role will focus on improving intra-region and cross-region collaboration, providing consulting in support of business drivers; and providing strong guidance and support for mitigation for noted areas of exposure such as insecure business practices, policy exceptions, tool and technology implementations, vulnerabilities, and local programs that support security initiatives and improvements. The role will work hand in hand with BISO, VP peers to continuously improve the global information security management system (ISMS). This position is typically a manager of BISOs and Security Analysts. 

What you’ll do

• Responsible for identifying, evaluating and reporting on security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise.

• Provides oversight and manages a team of directs which typically includes BISOs and Security Analysts; and influences a team of non-directs in peer organizations.

• Primary purpose of this role is to balance business risk with the security mandate, striking the right balance between likelihood and impact of an issue.

• Role acts in consultative capacity, assisting business units to assess and adopt proper course of action when addressing risk and provides consultative guidance for new business cases and coordinates security needs across all implementations and programs for assigned areas.

• Responsible for developing relationships with customers and understanding their “security experience” with Equifax, anticipating customers’ security needs, developing operational plans to implement improvements, influencing others internally and externally, including senior leaders, to achieve a blended approach that satisfies both security and business needs.

• Position is the primary conduit through which the operational security units (technology, operations, assessments, investigations, and physical) can be effective and affect change for the assigned area of responsibility.

• Ensures that leadership in the assigned area (SVP, GM) are well informed regarding security programs, threats, and risks.

• Responsible for championing security compliance with all local government regulations, customer contracts, and company policies in the assigned area.

• Leads a team that contributes to business objectives through deepening customer relationships, representing the Equifax security program in industry forums, developing an expert understanding of business processes, goals, and challenges, and partnering across the assigned area to coordinate security program activity.

• Participate in business initiatives to help accelerate time to revenue and explore monetization opportunities for Security services. 

What experience you need

• Mandatory Bachelors or higher graduation required; Preferred domains IT or Cyber security.

• CISM, CISSP, CISA or CRISC qualification preferred.

• Experience of working in an RBI regulated entity (RE) and well versed with RBI Infosec requirements.

• 15+ years’ experience in the information security domain with at least 3 years in a leadership role; and at least 5 years of experience in a financial organization’s Infosec department, preferably a bank operating in India.

• Subject matter expert in Information security domains such as Cloud security, Network security, Data security, Application and API security, Vendor risk management and ISO 27001:2022

• Strong stakeholder management internally and externally, with excellent interpersonal, communication skills and ability to build rapport quickly

• Identifies and solves a range of problems in complex situations

• Leads decisions within guidelines and policies

• Identifies, analyzes, monitors and minimizes areas of risk to the organization including information, physical and corporate security policies and procedures

• Have led the facilitation of internal and external audits (RBI Audits).

What could set you apart

• Experience of cloud migration.

• Implementing security programs that achieved PCI-DSS compliance.

• Skilled at communicating complex issues to both technical and non-technical audiences and comfortable receiving constructive challenges.

• Comfortable managing several projects at any one time and have experience of working in fast paced environments which process sensitive customer data.

We offer a hybrid work setting, comprehensive compensation and healthcare packages, attractive paid time off, and organizational growth potential through our online learning platform with guided career tracks.

Are you ready to power your possible?  Apply today, and get started on a path toward an exciting new career at Equifax, where you can make a difference!

Primary Location:

IND-Mumbai-Equifax Credit Information Services

Function:

Function - Security Governance and Compliance

Schedule:

Full time

Reachfield Security (Grade “A” agency) specializes in supplying security manpower to Schools, Factories, Shopping Centres, Museums, libraries, etc.

Chief Security Officer / Senior Security Supervisor / Security Supervisor

Day Shift – CSO

• Grade ‘A’ Office Building in Marina – 7.30am to 7.30pm

Day Shift – SSS

• Semiconductor Factory in Woodlands – 7.30am to 7.30pm
• Grade ‘A’ Office Building in Marina – 7.30am to 7.30pm
• Office Building in Buona Vista – 7.00am to 7.00pm

Night Shift – SSS

• Semiconductor Factory in Woodlands – 7.30pm to 7.30am

Day Shift – SS

• Office Building in Tampines – 7.30am to 7.30pm
• Condo in Hillview - 8.00am to 8.00pm

Salary:

$3250 - $3800

1. Possessed valid PLRD license, emplacement for SS/ SSS rank. Supervise a team of security personnel.

2. Supervise a team of Security Officers to meet the client's requirements.

3. Day/ Night shift; 12hr-shift (Fixed shift, no need to rotate)

4. Job duties include leading the team, conduct daily briefing, patrolling, protecting clients’ premise and access control, etc.

5. Work with client’s representative closely and carry out instructions according to set SOP.

6. PC literate and can able to put up incident reports.

7. Conduct OJT for new staff; guide and advise new staff and orientate him for the job.

8. Attend management meetings.

10 Anson Road

#26-09 international Plaza

(Tanjong Pagar MRT) Singapore 079903

For Supervisors post, please email your resumes to jason_at_reachfield.com

For more information, please call

Tel: 6324 0648 (Jason) / 8168 2805

As the Chief Information Security Officer (CISO) at Endeavour, you will play a pivotal role in developing and implementing our organisation-wide information security strategy. You will lead initiatives to assess and mitigate cybersecurity risks, establish robust governance frameworks, and ensure compliance with regulatory standards. Your responsibilities will include overseeing incident response, conducting security awareness training, and managing vendor relationships. 

As we continue our journey towards greater operational maturity, we are placing even more emphasis on ways of working and collaboration particularly across our cyber and broader technology teams. To enhance and sustain our success our CISO will need to communicate security-related concerns in terms of business impact and develop integrated plans to drive improvements in our security posture.

Key Responsibilities:

• Develop and lead the implementation of an organisation-wide information security strategy aligned with business goals.

• Assess and prioritise cybersecurity risks, ensuring compliance with policies and regulations.

• Establish and oversee robust governance frameworks and incident response plans.

• Conduct security awareness training and foster a culture of security consciousness.

• Manage security technologies and partnerships to safeguard information assets.

• Assess and manage security risks associated with third-party vendors and partners.

• Collaborate with internal and external stakeholders to address security concerns and provide regular updates to executive leadership.

• Lead and inspire the Cyber Security team, actively supporting talent development and growth.

Location: Tubize, Belgium

Thales people architect solutions at the heart of the defence-security continuum. Interoperable and secure information and telecommunications systems for defence, security, and civil operators, are based upon innovative use of radiocommunications, networks, and cybersecurity. We are ground breaking new digital technologies such as 4G/5G mobile communications, cryptography, cloud computing and big data for use in physical protection systems, and critical information systems.

Thales Belgium SA, Belgium competence center of Thales, is a company located on 2 sites, one in Tubize (near Brussels) and the other one in Herstal (near Liège). Thales Belgium, which employs more than 280 collaborators, is specialized in the design, development and supply of critical information systems for customers in the sectors of Defense, Security (including Cyber) and Aerospace.

The CISO is responsible for all aspects of information security and cyber security across all of IT including support developing, deploying and maintaining a robust security strategy with solid security policies; protocols and procedures across enterprise security architecture, security operations center, datacenter security, and network security including cloud and applications security with appropriate security measures and initiatives. This role also advises senior leaders and other stakeholders on the further development, implementation and management of a countrywide IT security infrastructure that contains appropriate control objectives for system integrity, availability, reliability, resilience, confidentiality and assurance to company, industry and international standards.
CISO Community: engage with and contribute to the group CISO community ; NG role: PO/SO for local security squad

•      Identifying and prioritizing cybersecurity risks and reporting them to local CIO and EUROPE CISO.

•      Ensure strategic alignment of the region approach to IS/IT Security is compliant with legal and regulatory requirements, Group standards and aligned with business objectives.

•      Ensure security program & plans are in place and actions are implemented to manage the risk of adverse impacts from any external or internal attack on the region IT/IS are reduced to an acceptable level.

•      Ensure appropriate budget and resources are allocated to support the security program at region level

•      Be a member of the Group Information System Security Community – sets and approves IS security policy decisions and exceptions.

•      Ensure security incidents are coordinated and managed with the Central Security body through EUROPE CISO

•      Coordinate regionally under the supervision of the Cert Incident Response Activities.

•      Gain acceptance of proposed security solutions by the various security accrediting bodies within Group CISO

•      Respect Group IS/IT standards and strategy.

•      Review strategies, operational changes and projects to ensure appropriate security controls are applied.

•      Review proposed enterprise architecture strategies and designs to ensure that new risks are not introduced into company, and to suggest changes that may increase functionality and help reduce existing risks.

•      Maintain /Coordinate an understanding of current and emerging security threats that may affect the company now or in the future.

•      Undertake / Coordinate forensic investigations and analysis as required on company computer assets in support of HR led investigations.

•      Liaise with Legal in regards to export control requirements in systems and manage any e-discovery requirements that the company are required to undertake.

•      Undertake governance responsibilities for technology based Defense regulations and policies and report the company state of compliance to the Governmental Boards in charge.

•      Provide regular updates to the CIO and EUROPE CISO regarding achievements, issues and goals

•      Review and ensure the follow up of remediation plans with EUROPE CISO

•      Acts as the first point of contact for internal and external audits.

• Bachelors (Masters preferred) Information Technology and/or Information Security (Degree or equivalent).
• 5+ years of leadership experience overseeing security initiatives in a medium to large enterprise.
• Obtained one or more of the following certifications: Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Global Information Assurance Certification (GIAC), ISO27001 Lead Implementer; Project Management Professional (PMP/Prince2); or other related certifications.
• Obtained Cosmic Top Secret (CTS) Security Clearance is a huge asset.
• Demonstrable experience of emergency preparedness, critical incident management, business continuity and disaster recovery.
• Experienced with medium to large IT Infrastructure and/or IT security projects, e.g. firewall deployment, NAC implementation, web proxy upgrade etc.
• Prior experience with information security framework, secure network architecture and design, cloud computing, and secure application architecture/design.
• Proven experience of leading a multidisciplinary team.
• Strong working knowledge of information security technologies, markets and vendors including firewall, intrusion detection, assessment and monitoring tools, encryption, certificate authority, and cloud networks.
• Experienced in developing policies and procedures for identity and access management, security programs, security procedures, security standards, requirement definition, and project management plans.
• Adept in creating business cases and user cases including the ramification of various system, network and application security decisions and recommendations.
• Experience in managing IT responses to internal and external audit campaigns
• Articulate with strong verbal and written communication skills including technical and non-technical audiences.
• Business proficient  in English and French

•              Experienced in working within a centralized/decentralized matrix business environment.

•              Knowledge of SEI’s CMMI model for secure software development.

•              Broad experience of conducting risk assessments including presenting recommendations to c-suite

At Thales we provide CAREERS and not only jobs. With Thales employing 80,000 employees in 68 countries our mobility policy enables thousands of employees each year to develop their careers at home and abroad, in their existing areas of expertise or by branching out into new fields. Together we believe that embracing flexibility is a smarter way of working. Great journeys start here, apply now!

Interested?
Apply now! Click on the button below to upload your profile and show your interest.

Diversity Statement
We actively support a working pattern that suits your lifestyle and helps you reach your ambitions. That means that equal opportunities, inclusion and an informal culture are integral to our success. It also means that your well-being and happiness matter to us! That’s why we offer you the flexibility to do what’s important to you; whether that’s part time hours, job sharing, remote working, or the ability to flex your start and finish times.

About the Role:

 

When it comes to Cybersecurity, do you believe “people” is the most important part of “people, process and technology?”  Do you dream of ways to measure things? Security controls? Efficacy?  Do you have strong opinions about how cybersecurity should be managed? Yet, at the same time, are you open to people disagreeing with you?  Are you a great communicator and enjoy explaining complex technical concepts to fifth graders or their equivalents? Have you been on stage or on a podcast?

If you were asked to list your favourite three leadership/management influences, could you easily rattle them off?

Do you have experience besides Cybersecurity? Have you been a developer in a past life? A systems administrator? An auditor? 

If you answered yes to most of the above questions, then this might be your role! 

 

We are seeking a highly motivated, strategic thinker and tactical cybersecurity wizard to join our people-first cybersecurity leadership team as the Deputy Chief Information Security Officer.

This role will be based in Chennai, India, and will work with global resources and teams located in Chennai, India, EU, and the U.S. 

 

Job Summary:
 

As the Deputy Chief Information Security Officer (DCISO) you will play a critical role in leading and strengthening our cybersecurity program. You will work closely with the CISO and executive leadership to develop and execute strategies that safeguard our information assets, maintain compliance, and ensure the security of our SaaS products and customer data. This role prioritizes leadership and team building, focusing on guiding a high-performing security team.

 

Responsibilities:

• Leadership and Team Building:
  • Provide visionary leadership to the security team, fostering a culture of collaboration, innovation, and excellence.
  • Develop and mentor a diverse and highly skilled team of security professionals, nurturing their growth and career development.
  • Collaborate with cross-functional teams to build a security-conscious organizational culture and promote security awareness.
• Strategy and Governance:
  • Assist the CISO in developing and implementing the company's information security strategy and policies.
  • Contribute to the creation and maintenance of an effective security governance framework.
  • Ensure alignment of security initiatives with business objectives and industry best practices.
• Risk Management:
  • Identify and assess security risks, vulnerabilities, and emerging threats to the organization.
  • Own the development and implementation of risk mitigation strategies and incident response plans.
  • Regularly oversee the review of security controls and processes to maintain a strong security posture.
• Compliance and Regulatory Oversight:
  • Monitor and ensure compliance with relevant data protection laws and industry regulations.
  • Oversee the preparation and submission of compliance reports and certifications.
  • Collaborate with legal and regulatory teams to address compliance issues.
• Incident Response and Recovery:
  • Help lead incident response efforts in the event of security breaches or incidents, coordinating with internal and external stakeholders.
  • Drive the development and maintenance of an effective incident response plan to minimize business impact.
• Vendor and Third-Party Risk Management:
  • Govern the evaluation and management of the security posture of third-party vendors and partners.
  • Establish and maintain strong vendor security relationships and agreements.
• Security Awareness and Training:
  • Help promote security awareness and training programs across the organization.
  • Develop and deliver security training materials and resources to educate employees on security best practices.
• Budget Oversight: 
  • Manage and oversee the cybersecurity budget, ensuring efficient allocation of resources and cost-effective security solutions.
• Product Security
  • Support penetration testing teams exploiting web and mobile application security flaws such as SSRF, SQLi, RCE, and DNS binding attacks.
  • Guide the implementation of AuthN/AuthZ mechanisms and the building of robust RBAC controls like SAML, OAuth, OpenID, etc. 
  • Assist product security teams in building resilient, highly available systems, identifying security vulnerabilities in our products and addressing them, and reducing friction in the SDLC pipelines while improving security controls.

 

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field; a master's degree is a plus. Must have at least one of these relevant certifications (e.g., CISSP, CISM, CISA).
• Proven experience (8+ years) in cybersecurity, with at least 3 years in a leadership or strategic role managing more than one cybersecurity function (e.g. SOC & GRC, Application Security & Incident Response) either concurrently or consecutively. 12+ years of overall experience.
• Strong understanding of cybersecurity principles, technologies, and best practices.
• Excellent project management and organizational skills, with a track record of successfully managing complex initiatives.
• Exceptional, master's degree level of written communication skills. Above average, dare we ask for remarkable interpersonal skills, with the ability to interact effectively with executives, technical teams, and external partners.
• Advanced stage presence: ability to speak and present in front of large groups, ability to write and communicate to U.S. and India audiences.
• Strategic thinker with the ability to analyze and solve complex problems.
• Knowledge of regulatory requirements and compliance standards related to cybersecurity.

 

Your Career

The Regional CSO (Chief Security Officer) will serve as a trusted advisor to our most strategic customers in the region, actively helping transform their cybersecurity programs and maturity. Building these trusted relationships with C-level peers will require the Regional CSO to demonstrate executive presence as well as strong technical credentials.

The types of executive personas the Regional CSO will interact with range from CIOs, CISOs, CTOs, CFOs to government and public policy leaders. In addition to domain expertise and established industry credibility, the Regional CSO will need to display a high degree of emotional intelligence and empathy towards our customers’ mission.

As the global cybersecurity leader, we have a strong point of view on ‘what good looks like’ based on our experiences and learnings from partnering with over 80,000 customers globally. This point of view is backed by our market leading platforms that deliver cybersecurity business outcomes for customers. The Regional CSO will bring their own experience and market insights to help amplify this message and tell the company story from the lens of their own personal journey in cybersecurity.

Your Impact

In this role, as a member of the regional technical leadership team at Palo Alto Networks, you will: 

• Build Trusted Relationships - Build peer level ‘trusted advisor’ relationships with industry leaders and C-level executives and lead executive advisory boards in the region
• Drive ‘Outcome Driven’ Engagements - Own the peer relationship with customers’ C-level executives - Work closely with strategic account teams through a structured engagement model to drive business outcomes from early stage customer interactions to deal closure
• Scale The Business - Produce content for and advise the sales team on key security topics and executive communication strategies - Provide early market feedback from customers to the Product Management team, ensuring our platforms continue to deliver the outcomes customers need
• Amplify Our Message - Represent Palo Alto Networks at marquee industry conferences and events, presenting original ideas and content where needed - Work proactively with industry influencers and peers to position Palo Alto Networks as the cybersecurity partner of choice

The main duties and responsibilities are detailed in the job description attached in the advert. The post holder will lead the Information Governance Team and the Cyber Security team to deliver the Cyber and IG elements of the Digital Strategy. To ensure robust policies and processes are in place and monitored. Lead and support the wider governance agenda in digital including achieving the Data Security Protection Toolkit, managing Digital Change Control, Incident Management, Risk Management, Audit and action planning.

What we do, and why we do it

The banking system is evolving to give consumers the transparency, control and financial wellbeing they deserve. In a world where technology can change how we live for the better, there is no reason to be burdened by legacy systems, bureaucracy and mediocrity. It’s time for a change, and you can be part of this revolution!

BigPay is everything you wish your bank was: fair, transparent, frictionless. We went back to the drawing board to explore how new technologies could bring power back to you. Our goal is to solve real world money problems for millions of people by empowering them, and providing a simple interface for users to send, receive and track their money.

Life at BigPay

We’re fast, curious and ambitious. We are on a fearless adventure to change financial services for consumers, and we value ownership, initiative and leadership from everyone in the company. We’re going out of our way to recruit the most intelligent, creative and talented people in the world. We want innovators, and that means maintaining an environment where they can flourish. Our only boss is the consumer. BigPay values highly collaborative, hardworking people, who can deconstruct problems on the fly and take the team with them, while being inventive, iterative and agile. We never want to reach a stage where you are not challenged on a daily basis – because it means we’re not going fast enough.

Why BigPay?

Join a fearless adventure, where your opinion and input is highly contributional

Work in a fast paced, growing company where you will be empowered to succeed

An environment where you can challenge and be challenged

You will be surrounded by a multidisciplinary group of experts

Competitive salary & benefits

Responsibilities

Your responsibilities will include:

· Managing market-specific CISOs; guiding their agendas, and ensuring that they comply with regulatory requirements in each market

● Design an information security strategy that effectively protects BigPay’s information assets, including security standards

● Implement and enforce information security strategy with documented processes and protocols, including appropriate security controls across the organisation

● Maintain pro-active security measures on a periodic basis (including security reviews of new functionality and code changes, vulnerability scans etc.), and effective and rapid incident response mechanisms

● In concert with our Group Chief Legal and Compliance Officer and their team ensure compliance with applicable regulations

● Play a key role in business continuity planning and risk management

● Be responsible for any regulatory reporting requirements around information security

● Engage with stakeholders including management, investors, regulators, legal authorities and others and provide them with clear and concise perspectives on information security

● Independently communicate the Group’s information security strategy, performance and issues to Boards’ Risk and Audit Committees as necessary

● Oversight and ownership of system administration function to manage all hardware and software asset onboarding, offboarding, maintenance and cost management. Manage access, disaster recovery of applications and appropriate certifications for compliance adherence.

● Oversight and ownership of customer technology support function to handle all queries from customer experience and other stakeholders in a timely manner, provide sufficient tooling and governance on support queries from inception to resolution with root cause analysis and remediation to achieve strategic improvements.