CISO Lead

תיאור משרה

We are seeking a strategic and hands-on Senior Chief Information Security Officer (CISO) to lead and continuously enhance our enterprise-wide cybersecurity posture, with a specialized focus on cloud-native environments, AI/ML systems, and SOC 2 compliance. The ideal candidate will combine deep technical expertise with executive-level leadership to align security initiatives with organizational goals and emerging technology risks.
________________________________________
Key Responsibilities:

Strategic Leadership & Governance
• Define and lead the enterprise security vision, strategy, and roadmap.
• Serve as the executive advisor to the board and C-suite on cybersecurity, data privacy, and technology risk.
• Develop and maintain comprehensive security policies and risk management frameworks aligned with SOC 2, NIST, ISO 27001, and industry best practices.

Cloud Security
• Oversee security architecture and operations across multi-cloud environments (e.g., AWS, Azure, GCP).
• Implement and monitor cloud security controls, including identity and access management (IAM), data protection, workload security, and cloud-native security tooling (CSPM, CWPP).
• Ensure secure configuration, deployment, and monitoring of infrastructure-as-code (IaC), containers (Kubernetes), and serverless components.

AI/ML Security
• Establish secure development and deployment practices for AI and ML pipelines.
• Mitigate risks related to model poisoning, data manipulation, adversarial attacks, and unauthorized access to training data or inference APIs.
• Define governance and ethical use policies for AI, ensuring accountability, explainability, and compliance with emerging regulations.

SOC 2 Compliance & Risk Management
• Lead SOC 2 Type I/II readiness and audit preparation across all Trust Services Criteria (Security, Availability, Confidentiality, Processing Integrity, Privacy).
• Manage vendor risk assessments and third-party due diligence processes.
• Maintain continuous compliance monitoring and internal control effectiveness across the organization.

People & Culture
• Build, mentor, and retain a high-performing cybersecurity team.
• Drive security awareness training and a culture of security-first thinking across all