● Develop and manage the enterprise-wide Security Programs to protect the companies’ digital assets.
● Build a strong risk control framework within a fast-paced technology environment.
● Identify, develop, implement, maintain and monitor a complete cybersecurity program, including security processes and practices, to respond to incidents, secure corporate IP, and limit exposure and liability in all areas of informational, financial and reputational risk.
● Drive security standards across the organization in strong partnership with internal R&D, Engineering, Information Technology, HR, Legal, including information security policies, guidelines and SDLC as well as security in the cloud.
● Lead regular internal reviews of systems, accounts, and data management to fulfill security audit documentation requirements.
● Lead the cybersecurity steering committee and update management and the audit committee on cybersecurity progress, roadmap and risks.
● Lead and maintain all certification efforts (including SOC2, ISO, CIS Standards, HIPAA and GDPR).
● Analyze and test systems and processes to understand vulnerabilities to cyber threats.
● Identify, define, and lead the remediation of gaps in security controls or solutions and ensure company systems meet all security configuration requirements.
● Respond to vendor security audits and customer security questions, requirements, compliance checks, compromise assessments, and Incident Response.