Virtual Chief Information Security Officer
At Sofecta Labs we are committed to protecting Customer’s digital infrastructure and ensuring the security of our customer’s data. As an industry leader in Managed Security Services, we understand the critical importance of cybersecurity in today's digital landscape.
We are seeking a highly skilled and experienced Virtual Chief Information Security Officer (vCISO) to join our team and help our customers strengthening their cybersecurity posture and regulatory compliance
Position Overview:
The Virtual Chief Information Security Officer (vCISO) will play a pivotal role in overseeing and enhancing our customer’s information security program. The vCISO will work mainly remotely and collaborate with various Customers to identify and mitigate security risks, develop and implement security policies, and ensure compliance with industry regulations. This is a key leadership position that requires a strategic thinker with a hands-on approach to managing cybersecurity challenges.
Key Responsibilities:
- Develop, implement, and maintain a comprehensive cybersecurity strategy aligned with the Customer's goals and objectives
- Conduct risk assessments and vulnerability analyses to identify potential security threats and weaknesses.
- Develop and enforce security policies, procedures, and standards to protect sensitive information and ensure compliance with industry regulations, creating a tailored approach that aligns with each Customer’s business goals and regulatory environment.
- Lead incident response efforts, including the development and testing of incident response plans.
- Provide expert guidance on security best practices to internal teams and stakeholders.
- Monitor and assess emerging cybersecurity threats and trends and adjust strategies accordingly.
- Ensure compliance with relevant security frameworks and regulations, such as ISO27001, NIS2, DORA, GDPR, and others.
- Oversee the security awareness training programs for employees to promote a culture ofsecurity.
- Report on the effectiveness of the security program to senior management and recommend improvements as necessary.
Qualifications:
- Extensive experience as a CISO, Information Security Officer, or in a similar managerial position, with a keen focus on external Customer relations and service provision.
- Solid familiarity with cloud-based technologies and architectures, specifically with platforms like AWS, Azure, and Google Cloud.
- In-depth knowledge of cybersecurity frameworks, standards, and best practices.
- Strong understanding of risk management, IT governance, and incident response.
- Experience with security tools and technologies, and the ability to integrate them effectively.
- Excellent communication and leadership skills, with the ability to convey complex security concepts to non-technical stakeholders.
- Relevant certifications such as CISSP, CISM, CISA, or equivalent is strongly preferred.
- Strong communication skills, adept in conveying complex and technical issues to diverse audiences, including technical and non-technical Customer representatives.
- Demonstrated proficiency in developing and securing multi-tenant environments, managing third-party risks, and implementing dedicated Customer security infrastructures.
- Finnish citizenship is required.
What We Offer:
- Competitive salary and benefits package.
- Flexible remote work environment.
- Opportunity to work with a dynamic and innovative team.
- Ongoing professional development and training opportunities.
- The chance to make a significant impact on the security posture of wide range of our customer organizations.
How to Apply:
- Interested candidates are invited to submit their resume anda cover letter outlining their qualifications and experience to marko.nenonen@sofectalabs.io with the subject line "Virtual CISO Application - [Your Name]".
- Applications will be reviewed on a rolling basis until the position is filled.