This CISO role is for a global cybersecurity leader with a passion for Linux and open source to help define the way Canonical secures its corporate infrastructure, designs its products and assures regulatory compliance.
This role will be responsible for the end to end definition and implementation of the cybersecurity and compliance program. They will continue to build a world-leading team of cybersecurity professionals currently in excess of 30 people and work to define and implement process and technical security controls. It is important for the CISO to work closely with the business, infrastructure, product and engineering teams to define and meet cybersecurity and compliance targets.
This role reports to our CFO.
Key responsibilities
Define a cybersecurity strategy and operating model that is aligned with our business objectives
Develop and track a clear, measurable cybersecurity plan
Assume responsibility for Canonical’s information security and compliance program
Build, develop and lead a high performing cybersecurity and compliance team
Advise business and engineering leadership in the implementation of cybersecurity and compliance
Present regular reports to Canonical executives and our Board of Directors
Integrate an information and cyber security risk management framework
Define and deliver a cybersecurity culture and awareness program for employees and partners
Define and implement an information assurance framework, ensuring regulatory compliance
Monitor and respond to security and privacy incidents
Lead the implementation of a secure system development life-cycle
Valued skills and experience
A bachelor’s degree in computer science, information technology, or a related field; MBA preferred
Substantial experience in risk management, information security, or incident response
Experience implementing a cybersecurity and compliance program in an engineering organization
Experience building and leading a cross functional cybersecurity and compliance team
Proven ability to define, implement and measure effective incident response playbooks and a cybersecurity culture program
Knowledge of information security management frameworks, such as ISO/IEC 27001 and NIST
Knowledge of international privacy laws and financial reporting requirements
Understanding of current legislation and regulations relevant to our organization
Excellent project management and leadership skills
Excellent communication skills
Familiarity with cloud native technologies and agile development methodologies a plus
Past experience leading the incident response to a large scale cyber security threat a plus
Apply via :
boards.greenhouse.io
Leave a Reply