We are seeking a Chief Information Security Officer to drive cybersecurity resilience, governance, operations, engineering, and testing across both on-premises and major cloud platforms.

Mandatory Skill(s)

• Degree in Computer Science, Information Systems, Engineering, or a related discipline;
• Must have 8+ years of experience in information security, with significant leadership or management responsibility;
• Strong knowledge of cybersecurity governance, security operations, architecture, and assurance;
• Must have experience securing on-premises environments and cloud platforms (AWS, Azure, GCP);
• Solid understanding of cloud service models, identity and access management, and modern application architectures;
• Proven ability to evaluate threats, vulnerabilities, compliance obligations, and business impact;
• Proficient with Infrastructure as Code (IaC) tools and securing CI/CD pipelines;
• Deep understanding of cloud models (IaaS, PaaS, SaaS) and modern cloud-native architectures (e.g. serverless, containers, microservices);
• Excellent communication skills with the ability to engage senior executives and diverse stakeholders;
• Collaborative, adaptive leadership style aligned with agile ways of working.

Desirable Skill(s)

• Certifications such as CISM, CCSP, CISSP, GCIH.

Responsibilities

• Spearhead agency’s cybersecurity function across governance, risk, and operations;
• Define security strategies, policies, and roadmaps that support organizational and ministry-level priorities;
• Identify, assess, and communicate cyber risks, recommending pragmatic mitigation strategies and tracking residual risk;
• Partner with business and technology teams to ensure security is integrated into system design, development, and deployment;
• Provide security oversight for agency projects, including architecture reviews and approval of security controls;
• Maintain visibility over ICT assets, security architectures, and day-to-day security operations;
• Establish incident preparedness through response plans, playbooks, simulations, and exercises; lead investigations and recovery efforts during cyber incidents;
• Advise leadership on appropriate security technologies and emerging threats, translating technical risks into business impact;
• Champion secure engineering practices, including DevSecOps, CI/CD security, and cloud-native protection;
• Build organizational cyber awareness through targeted training and engagement programmes.

If you are interested in this role, click on the “Apply to this job” button below or you could also write in with your CV to Gunjan Arora at gunjan.a@sciente.com quoting the job title.