Head of IT Security at Creatio

We are redirecting you to the source. If you are not redirected in 3 seconds, please click here.

Head of IT Security Creatio. We are looking for an experienced Head of IT Security with a background in IT product development to manage and oversee all information security matters within our company.. Responsibilities:. Security Strategy and Planning. : Developing and implementing a thorough information security strategy and roadmap to address current and future threats, vulnerabilities, and risks. Security Leadership. : Providing strategic direction and leadership for the Information Security team, ensuring alignment with business objectives, industry standards, and best practices. Risk Management. : Overseeing risk assessment and management processes, identifying and prioritizing security risks, and implementing appropriate controls and mitigation strategies. Governance, Compliance, and Regulatory. : Ensuring ongoing compliance with relevant regulations and standards like ISO 27001, ISO 27017/18, SOC 2 Type, HIPAA, GDPR, etc.. Vendor and Third-Party Risk Management. : Supervising the evaluation and management of security risks associated with third-party vendors and partners. Security Awareness and Training. : Developing and implementing security awareness programs to educate employees and promote a culture of security awareness and compliance. Security Governance and Compliance. : Establishing and maintaining security policies, standards, and procedures to ensure compliance across the organization. Security Metrics and Reporting. : Defining and tracking key security metrics to evaluate the effectiveness of security controls and reporting on security status to executive leadership and stakeholders. Qualifications:. Bachelor’s degree in Computer Science, Information Security, or related field. Industry certifications such as CISSP, CISM, CISA, or equivalent. 3+ years experience in information security leadership roles in SaaS domain / +7 years experience in the information security field overall. Good knowledge of security frameworks, standards, and regulations, including ISO 27001, SOC 2, HIPAA, GDPR, etc. Strong understanding of cloud security principles and best practices, particularly in AWS/Azure. Experience in managing security incidents and leading incident response. Good communication and interpersonal skills, with the ability to effectively communicate security-related questions to technical and non-technical stakeholders (employees, customers, or partners). Project management skills, with the ability to manage projects such as processes implementation and improvement, security systems implementation. Ability to collaborate cross-functionally and influence stakeholders at all levels of the organization