Chief Information Security Officer

Summary

Join Vendavo's growing Information Security team as the Director, Chief Information Security Officer. You will be responsible for all assurance activities related to data confidentiality, integrity, and availability. This role involves working with executive management on risk assessment, maintaining an enterprise-wide information security program, and leading continuous improvement initiatives. You will identify emerging threats, address regulatory changes, and provide technical guidance. Collaboration with various stakeholders is crucial, as is representing Vendavo's information security program externally. The position requires significant experience in information security leadership and hands-on roles, along with specific certifications.

Requirements

• Have a BS in Computer Science, Information Technology, Information Security, or a similar field
• Have 5+ years of combined experience in enterprise information security leadership and hands-on roles with at least 2 years spent in leadership positions
• Have CISM and/or CISSP certifications
• Have strong knowledge of common information security management frameworks, such as ISO/IEC 27001, CIS Critical Security Controls, CSA Cloud Controls Matrix, and NIST 800 series
• Have knowledge of relevant tools, such as endpoint protection, vulnerability scanners, SIEM, IPS/IDS
• Have either built or grown an enterprise information security program
• Have expert understanding of security concepts and applying them to SaaS products deployed in public clouds, preferably AWS and/or Azure
• Have experience conducting risk assessments and developing mitigation strategies with business cases based on current and emerging threats and vulnerabilities
• Have the ability to communicate and collaborate across organizations, including CloudOps, IT, Legal, Audit, and senior leadership, to drive successful results
• Have excellent written and verbal communication skills and a high level of personal and professional integrity
• Have the ability to promote, work, and act in a manner consistent with the mission and core values of Vendavo
• Have experience with contract and vendor negotiations and management, including managed services
• Have strong project management and organizational skills, specifically in managing diverse and concurrent workloads
• Have adaptability to a variety of situations, individuals, and groups with an openness to new and different ways of solving problems and achieving objectives
• Have the ability and willingness to travel periodically

Responsibilities

• Lead the continuous improvement of Vendavo’s information security program, including policies, procedures, standards, and guidelines
• Continuously identify and evaluate emerging threats and their potential risk to Vendavo and its customers
• Identify regulatory changes that would impact existing information security policies and procedures and recommend appropriate amendments
• Deliver both technical guidance and technical solutions related to enhancing the security posture of Vendavo
• Coordinate the efforts and assist in the responses, reporting, and remediation of information security programs and risk assessments
• Partner with stakeholders across Vendavo to raise awareness of risk management concerns and develop remediation plans
• Represent the face of Vendavo’s information security program to employees, customers, and prospects
• Oversee information technology and cyber security solutions, including endpoint protection, intrusion detection and prevention, data loss prevention, activity monitoring, and recurring security tasks, such as application monitoring, vulnerability management, incident response, internal and external audits, and program management of security initiatives
• Be directly responsible for all assurance activities related to the confidentiality, integrity, and availability of customer, partner, employee, and company information in compliance with Vendavo’s information security policies
• Work with executive management to assess and determine acceptable levels of risk and maintaining an enterprise-wide information security program to ensure that information assets are adequately protected

Preferred Qualifications

Have CCSP and/or CISA certifications

Benefits

• Be fully remote based with the flexibility to work from anywhere in India
• Have professional growth and Development opportunities
• Work within a team of friendly, skilled people where help is always within reach
• Have flexible working hours
• Have 4 recharge days, where the entire company goes on a brief pause in all geographies for 1 day each quarter. This day can be spent in whatever way helps you recharge, to regain energy, and dive back into the next workday
• Receive a high-end laptop (Dell or Mac)
• Receive competitive pay and bonus
• Receive 18 vacation days in a year in addition to 12 days sick and 3 days casual leave
• Receive 16 hours of paid volunteer time off per year
• Receive a wedding gift and newborn gift allowance
• Receive 26 weeks of paid maternity leave and one week of paid paternity leave
• Receive Health Insurance of up to 7 lacs for self, spouse, 4 dependent children, and parents. 100% of the premium is paid by Vendavo and it covers the employee, spouse, children, and their parents
• Receive Provident fund contributions