CISO - Chief Information Security Officer
Who we are?
Compared to the norm from even a few years ago, today’s consumers are much more likely to make all their transactions via a credit card or an app on their smartphone. Even the process has changed. You don’t even need a PIN confirmation for small purchases anymore, as contactless payments have become such a normal part of our life.
Our life has become much more connected. We live in what has effectively become a cashless society. All that connectivity gives hackers an almost limitless number of access points to attack, including Wi-Fi, Cloud, Bluetooth, LANS, hotel security cameras, check-in and out systems, hotel POS systems, and more. Every single one of these could be an entry point for a hacker.
People go on holiday to relax. Visiting Hotels for different purposes. Even security-savvy individuals will likely let their guard down a bit when on holiday or during a business trips, and that creates a particularly tempting target for hackers.
Hotels are data-Hubs which are the weakest link on the chain. We protecting All layers of data during your hospitality wherever it set, no matter what it purposes either for business or pleasure.
What you'll do
- We’re searching for a brilliant CISO to establish, maintain, and oversee the company’s vision and strategy and lead the program to ensure the product has the right tools and controls to protect its business operations, data, tools, and network against a dynamic threat landscape.
- Develop, implement, and monitor a strategic, comprehensive Client information security and IT risk management program.
- Ensure that the integrity, confidentiality, and availability of information are owned, controlled, or processed by the company, Business, and customers.
- Work directly with the clients to facilitate risk assessment and risk management processes.
- Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems, and services.
- Partner with business stakeholders across the company to raise awareness of risk management concerns.
- Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems.
- Oversee the approval, documentation, training, and dissemination of security policies and practices.
- Keep up to date with new vulnerabilities and update stakeholders and the top management.
- Liaise with the R&D team, the DevOps team, and the IT team to ensure alignment between the security, system architecture, and actual implementation.
- Collaborate with the commercial teams and assist the sales organization in communicating our security practices as part of RFPs, sales, and security assessment processes.
- Ensure regulation and compliance requirements are satisfied (certification program, includes internal/external audits)
Who you are
- Bachelor’s Degree in information technologies and business administration or other related fields – a Must
- 5+ years of experience as an Information Security manager SaaS B2B company- A must
- Experience and understanding of network security and Edge and Cloud security components across virtualized environments (Apps, data, Endpoint, LAN, Perimeter, (WAN), and Cloud.
- Experience in working with enterprise clients in the financial industry- an advantage.
- Security governance, risk, and compliance management experience.
- Prior experience and deep knowledge in implementing and maintaining security standards (security management frameworks, such as ISO/IEC 27001 and NIST) and Privacy regulations (GDPR, CCPA).
- Strong knowledge in emerging cybersecurity risk management, methods, and solutions.
- Can work with all levels, and departments across the organization.
- Experienced with external vendors and partners contract, negotiations, and management, including managed services.
- Deep knowledge of information security systems and solutions (DLP, firewalls, IPS, WAF, incident management, cloud services, monitoring, SIEM, DMZ, Anti DDOS, etc.)
- Excellent written and verbal communication skills and a high level of personal integrity
- CISO Professional security management certification (e.g., CISSP, SOC2, GSEC, CCISO) – An advantage