Information Security Officer • Windmill
Back to jobs list

Information Security Officer

  • India
  • Full Time

Summary:
As Windmill Digital’s ISO, you’ll play a pivotal role in guiding our information security and data privacy initiatives. We seek a seasoned professional to leverage their extensive knowledge and hands-on expertise to fortify our cybersecurity posture, aligning with our growth trajectory.

Key Responsibilities:

  1. Security Architecture & Strategy:

    • Design and develop a holistic information security and data privacy program, scaling with company growth.
    • Formulate best practices and set security standards, while preparing and documenting SOPs and protocols.
    • Spearhead security assessment processes, encompassing penetration testing, vulnerability management, and secure software development.
    • Expand security tooling and automation efforts across the organization.
  2. Threat Management & Mitigation:

    • Proactively spot security issues and threats, devising robust processes and systems to safeguard against them.
    • Steer compliance endeavors, including external audits, regulatory compliance initiatives, and overarching security evaluations.
    • Convey infosec and data privacy operational goals, relaying their impact to stakeholders.
  3. Stakeholder & External Communication:

    • Engage with outside stakeholders, encompassing customers, partners, compliance bodies, and other legal/regulatory authorities.
    • Deliver strategic risk guidance, evaluating and suggesting technical standards and controls.
    • Set in place a robust incident management process.

Qualifications:

  • 5 to 8 years of proven information security management experience.
  • Bachelor’s degree in Computer Science, Cybersecurity, or related fields.
  • Certifications like CISSP and/or CISA are preferred.
  • Expertise in compliance, especially in frameworks such as COBIT, ITIL, ISO27001/2, NIST, and SOC2.
  • Hands-on experience in security assessment, cloud architecture, threat modeling, and policy drafting.
  • In-depth comprehension of Secure SDLC, DevSecOps, or security automation.
  • Ability to communicate effectively with external Data Privacy and Info Sec representatives.
  • Knowledge of key legislations like HIPAA, SOX, PCI, and GDPR.
  • ISO27001 auditor or implementer experience can be additional plus

About Windmill:
Windmill Digital is a boutique digital product delivery company, creating solutions that address modern challenges. Our clientele ranges from innovative startups to multinational corporations. We also nurture our in-house products under Windmill Ventures. With our headquarters in Switzerland, our diverse team is scattered across the UK, USA, Portugal, Ukraine, and India.

Benefits:

  • A flexible work culture, emphasizing autonomy over when and where you work.
  • Competitive remuneration and perks.
  • An inclusive environment fostering diversity and international collaboration.
  • Engaging tasks with opportunities for career growth.
  • Periodic performance reviews, synchronized with promotional cycles.

Equal Opportunities at Windmill:
We champion diversity at Windmill Digital, providing equal employment opportunities to all candidates, regardless of age, religion, ethnicity, sexual orientation, or disability.

Application Process:
Feel you resonate with our ethos and the role? Send your CV our way and let’s initiate a conversation.

For more about us, navigate to: https://www.windmill.digital.


Apply for this Position
* Required fields

First name*

Last name*

Email address*

Location

Phone number*

Resume*

Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or paste resume

Paste your resume here or attach resume file

Total Experience*

Relevant Experience*

Do you have experience in Audit*

Current CTC*

Expected CTC*

Notice Period*

Human Check*