Job Description
What's the opportunity?
Reporting to the Chief Information Officer, the Chief Information Security Officer (CISO) is a pivotal leadership role tasked with safeguarding Zafin's digital assets, information systems, and data against cyber threats. This role embodies the company's core values, leading by example to foster a culture of security awareness and resilience. The CISO is responsible for developing and executing a comprehensive information security strategy that aligns with the company's objectives and regulatory requirements, ensuring the protection of its SaaS banking technology platforms and customer data. Represent Zafin in security discussions with the company's customers, partners, and external parties and ensure compliance with global and local regulatory standards
Mode of Work:Hybrid
What will you do?
- Develop and implement a strategic information security plan that aligns with the company's goals and SaaS practices, supported by the broader organization, to protect against current and emerging cyber threats. Communicate effectively to connect stakeholders to the security vision and strategy
- Lead the identification, evaluation, and mitigation of information security risks. Ensure compliance with relevant laws, regulations, and standards affecting the banking and FinTech sectors
- Develop and oversee the implementation of incident response plans and procedures to handle security breaches or attacks. Manage the response to security incidents to minimize impact and conduct post-incident analysis to prevent future threats
- Provide strong leadership to the information security team. Create an inclusive environment that promotes growth and continuous learning. Act as a champion for cybersecurity within the company and the broader industry
- Oversee the selection, implementation, and management of security technologies and infrastructure to support the company's SaaS banking platforms and operations
- Prepare and communicate regular reports on the state of the information security program, emerging threats, and security incidents to executive leadership and relevant stakeholders
What do you need to succeed?
Must Haves:
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field is preferred
- Professional certifications such as CISSP/CISM/GIAC or similar required
- 10+ years of experience in information security, with at least 5 years in a leadership role and at least 2+ years in CISO roles
- Proven track record of developing and implementing comprehensive security programs
- Deep understanding of cybersecurity frameworks, risk management, and compliance requirements
- Experience with cloud computing environments, preferably Microsoft Azure.
- Strong technical acumen in forensics, security technologies and industry best practices
- Must have demonstrated experience in Azure, Microsoft Intune, Defender for Endpoint, Defender for Cloud, Entra Identity Management, and SAML Authentication protocols, ensuring robust security posture
- Excellent communication skills, with the ability to articulate complex security concepts to non-technical stakeholders
- Strong negotiation and influence skills
- Demonstrated ability to lead and motivate a diverse team
- High level of credibility with all stakeholders, including executive leadership and external partners
- Strong problem-solving skills, with the ability to analyze data and make informed decisions
- Strategic thinker with a focus on long-term security objectives