Information Security Officer (ISO)
- Viet Nam
- Full Time
As Windmill Digital’s ISO, you’ll play a pivotal role in guiding our information security and data privacy initiatives. We seek a seasoned professional to leverage their extensive knowledge and hands-on expertise to fortify our cybersecurity posture, aligning with our growth trajectory.
Security Architecture & Strategy:
- Design and develop a holistic information security and data privacy program, scaling with company growth.
- Formulate best practices and set security standards, while preparing and documenting SOPs and protocols.
- Spearhead security assessment processes, encompassing penetration testing, vulnerability management, and secure software development.
- Expand security tooling and automation efforts across the organization.
Threat Management & Mitigation:
- Proactively spot security issues and threats, devising robust processes and systems to safeguard against them.
- Steer compliance endeavors, including external audits, regulatory compliance initiatives, and overarching security evaluations.
- Convey infosec and data privacy operational goals, relaying their impact to stakeholders.
Stakeholder & External Communication:
- Engage with outside stakeholders, encompassing customers, partners, compliance bodies, and other legal/regulatory authorities.
- Deliver strategic risk guidance, evaluating and suggesting technical standards and controls.
- Set in place a robust incident management process.
- 5 to 8 years of proven information security management experience.
- Bachelor’s degree in Computer Science, Cybersecurity, or related fields.
- Certifications like CISSP and/or CISA are preferred.
- Expertise in compliance, especially in frameworks such as COBIT, ITIL, ISO27001/2, NIST, and SOC2.
- Hands-on experience in security assessment, cloud architecture, threat modeling, and policy drafting.
- In-depth comprehension of Secure SDLC, DevSecOps, or security automation.
- Ability to communicate effectively with external Data Privacy and Info Sec representatives.
- Knowledge of key legislations like HIPAA, SOX, PCI, and GDPR.
- ISO27001 auditor or implementer experience can be additional plus
Windmill Digital is a boutique digital product delivery company, creating solutions that address modern challenges. Our clientele ranges from innovative startups to multinational corporations. We also nurture our in-house products under Windmill Ventures. With our headquarters in Switzerland, our diverse team is scattered across the UK, USA, Portugal, Ukraine, and India.
- A flexible work culture, emphasizing autonomy over when and where you work.
- Competitive remuneration and perks.
- An inclusive environment fostering diversity and international collaboration.
- Engaging tasks with opportunities for career growth.
- Periodic performance reviews, synchronized with promotional cycles.
Equal Opportunities at Windmill:
We champion diversity at Windmill Digital, providing equal employment opportunities to all candidates, regardless of age, religion, ethnicity, sexual orientation, or disability.
Feel you resonate with our ethos and the role? Send your CV our way and let’s initiate a conversation.
For more about us, navigate to: https://www.windmill.digital.