Key Responsibilities:
Security Strategy & Governance
- Develop, execute, and continuously improve the enterprise information security strategy, policies, and procedures aligned with business objectives.
- Lead the implementation and maintenance of the ISO 27001 Information Security Management System (ISMS) and ensure ongoing compliance with relevant regulatory standards, including GDPR, HIPAA, FDA 21 CFR Part 11, PCI-DSS, NIST, and SOC 2.
- Conduct internal audits, gap analyses, and readiness assessments for certifications, and develop policies, procedures, and controls to maintain compliance.
- Establish crisis management, business continuity, and incident reporting frameworks.
Security Operations
- Oversee SOC operations, SIEM monitoring, threat detection, and incident response.
- Lead vulnerability management and penetration testing programs.
- Coordinate response ...