Chief Information Security Officer

Work set-up: Full Remote
Experience: Senior (5-10 years)

Offer summary

Qualifications:

  • Bachelor's degree in Engineering, Computer Science, or related field; postgraduate degree or MBA preferred.
  • Industry certifications such as CISSP, CISM, CISA, CRISC, or CCSP are required.
  • Minimum 10 years of experience in cybersecurity leadership roles, including enterprise security transformation.
  • Deep expertise in cybersecurity tools, cloud security, DevSecOps, and compliance frameworks.

Key responsibilities:

  • Develop and implement cybersecurity strategies aligned with business goals.
  • Lead security governance, compliance, and risk management initiatives.
  • Oversee security architecture, incident response, and threat intelligence activities.
  • Engage with clients and stakeholders to provide security guidance and assurance.

qode.world

Job description

Chief Information Security Officer (CISO) & Head of Cybersecurity Practice
Location: Gurgaon, India
Experience: Minimum 10 years of progressive experience in cybersecurity leadership roles
Type: Full-time, Leadership Role
Level: Director or Sr. Director
About Incedo
Incedo is a US-based consulting, analytics, and technology services firm helping our clients achieve competitive advantage through end-to-end digital transformation. We bring in a unique combination of Consulting, Data/AI, and Digital Technologies to solve complex business problems for our global set of marquee clients. With offices across the US, Canada, Mexico, and India, and over 4,000 employees globally, we operate at the cutting edge of data, design, and technology. Our core verticals include Telecom, Banking & Payments, Wealth Management, Hi-Tech/Product Engineering, and Life Sciences/Pharma/Healthcare.
Our unique value lies in blending strong engineering, data science, and experience design capabilities with deep domain expertise, enabling us to deliver significant business impact using emerging technologies.
Job Summary: The Chief Information Security Officer (CISO) is responsible for developing, implementing, and overseeing the security strategy for an IT outsourcing company. The CISO will ensure the security, integrity, and compliance of client and internal IT systems while mitigating cybersecurity risks. This role involves working closely with clients, regulatory bodies, and internal teams to implement best security practices and maintain compliance with industry standards.
Key Responsibilities:
Strategic Leadership
  • Develop and implement a comprehensive cybersecurity strategy aligned with business objectives.
  • Lead the information security function to protect company and client data from cyber threats.
  • Establish policies, procedures, and frameworks to secure IT infrastructure and outsourced services.
Security Governance & Compliance
  • Ensure compliance with industry regulations, such as ISO 27001, SOC 2, GDPR, HIPAA, and other applicable security frameworks.
  • Conduct regular security audits and risk assessments to identify vulnerabilities and implement corrective actions.
  • Establish security governance frameworks and ensure adherence to global best practices in IT security.
  • Work with legal and compliance teams to assess security risks in contracts and SLAs with clients.
Risk Management & Incident Response
  • Identify, assess, and mitigate security risks related to IT outsourcing operations.
  • Develop, implement, and test incident response plans to address security breaches and cyber threats.
  • Monitor and analyse security incidents, ensuring timely resolution and documentation.
  • Lead disaster recovery and business continuity planning efforts.
Security Architecture & Technology
  • Define and oversee the implementation of security architecture for outsourced IT services.
  • Collaborate with IT teams to integrate security into DevOps, cloud services, and application development.
  • Evaluate and implement advanced cybersecurity tools and threat intelligence solutions.
  • Ensure security best practices in network, endpoint, and data protection for client engagements.
  • Implement secure email gateways, DMARC, DKIM, and SPF protocols to prevent email spoofing and phishing attacks.
  • Deploy and manage advanced endpoint security solutions, including next-gen antivirus (NGAV) and behavioural analytics.
  • Monitor and enhance web application firewall (WAF) solutions to prevent application-layer attacks.
  • Strengthen security posture with zero-trust architecture, data loss prevention (DLP), and privileged access management (PAM).
Client & Stakeholder Engagement
  • Act as a trusted advisor for clients on cybersecurity and data protection matters.
  • Provide security guidance and assurance during client onboarding and ongoing engagements.
  • Educate clients on emerging threats and security measures to safeguard their IT assets.
  • Collaborate with sales and pre-sales teams to address security concerns in RFPs and proposals.
Team Development & Security Awareness
  • Build and lead a high-performing cybersecurity team within the organization.
  • Develop and deliver security awareness training programs for employees and outsourced IT teams.
  • Foster a culture of cybersecurity awareness across all levels of the organization.
Required Skills & Expertise
Comprehensive Expertise in Cybersecurity Tools & Platforms:
Demonstrated hands-on experience with a wide range of advanced cybersecurity technologies including Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM) systems like Splunk and Microsoft Sentinel, Data Loss Prevention (DLP), Identity and Access Management (IAM), Web Application Firewalls (WAF), Firewalls, and Cloud Access Security Brokers (CASB). The CISO must be adept at selecting, implementing, and optimizing these tools to secure both internal and client-facing environments.
Leadership in Cybersecurity Transformation:
Proven track record of conceptualizing and leading enterprise-wide cybersecurity transformation programs, ensuring alignment with business goals, industry regulations, and emerging threat landscapes. This includes modernizing security architectures, redefining incident response frameworks, and embedding security into the company’s digital transformation journey.
Cloud Security Mastery:
In-depth knowledge of cloud security frameworks and implementation across major platforms such as AWS, Microsoft Azure, and Google Cloud Platform (GCP). The candidate should be capable of enforcing security controls in hybrid and multi-cloud environments, including workload protection, cloud-native controls, encryption, and identity governance.
DevSecOps & Infrastructure Security:
Strong understanding and practical application of DevSecOps principles, infrastructure security, and the secure software development lifecycle (SSDLC). The CISO must be able to embed security automation and compliance checks into CI/CD pipelines and promote secure coding practices.
Audit & Compliance Management:
Significant hands-on experience managing internal and third-party audits, overseeing regulatory inspections, and conducting enterprise risk assessments. Familiarity with compliance frameworks such as ISO 27001, SOC 2, GDPR, HIPAA, and other relevant standards for IT outsourcing firms is essential.
Incident & Crisis Management:
Demonstrated ability to lead cross-functional teams during critical security incidents, including managing the technical response, external communications, legal implications, and post-incident reviews. Experience handling data breaches and ransomware attacks with minimal disruption is a strong plus.
Cybersecurity Analytics & Threat Intelligence:
Expertise in utilizing cybersecurity analytics platforms and threat intelligence tools such as Qualys, Tenable, and commercial/government feeds to proactively detect, investigate, and respond to advanced threats.
Executive-Level Communication:
Excellent ability to communicate complex security concepts and risks clearly and effectively to C-suite executives, board members, clients, and regulators. Should be capable of creating board-level reports, security dashboards, and business-aligned risk assessments.
Educational & Professional Qualifications
Academic Background:
A bachelor’s degree in engineering, Computer Science, Information Systems, or a related technical discipline is required. A Postgraduate Degree or MBA is preferred to ensure a balanced perspective between business and technical leadership.
Certifications:
Possession of industry-recognized certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control), or CCSP (Certified Cloud Security Professional) is essential, highlighting a commitment to professional excellence and continuing education in the field.
Soft Skills & Core Competencies
  • Visionary Leadership: Builds and mentors high-performing, globally distributed cybersecurity teams; fosters innovation and accountability.
  • Strategic Execution: Balances long-term security vision with hands-on execution to drive measurable business outcomes.
  • Analytical Risk Management: Proactively identifies threats and mitigates risks using a data-driven, practical approach.
  • Ethical Leadership: Operates with integrity and transparency, ensuring compliance with all legal and regulatory standards.
  • Crisis Resilience: Remains calm and decisive under pressure, effectively managing incidents and audits.
  • Clear Communication: Simplifies complex technical issues for stakeholders; excels in documentation and board-level reporting.
Why Join Us?
This is a high-impact leadership role at a pivotal moment in our growth. You will shape how we scale our product ecosystem, modernize engineering practices, and deliver value across business verticals. Join a collaborative, forward-looking team that values innovation, autonomy, and bold thinking.

Required profile

Experience

Level of experience: Senior (5-10 years)
Spoken language(s): English

Other Skills

  • Communication
