Senior Director

Company Overview

Incedo is a US-based consulting data science and technology services firm with over 3000 people helping clients
from our six offices across US Mexico and India. We help our clients achieve competitive advantage through
end-to-end digital transformation. Our uniqueness lies in bringing together strong engineering data science and
design capabilities coupled with deep domain understanding. We combine services and products to maximize
business impact for our clients in telecom Banking Wealth Management product engineering and life science
& healthcare industries.
Working at Incedo will provide you an opportunity to work with industry leading client organizations deep
technology and domain experts and global teams. Incedo University our learning platform provides ample
learning opportunities starting with a structured onboarding program and carrying throughout various stages of
your career. A variety of fun activities is also an integral part of our friendly work environment. Our flexible
career paths allow you to grow into a program manager a technical architect or a domain expert based on your
skills and interests.
Our Mission is to enable our clients to maximize business impact from technology by

• Harnessing the transformational impact of emerging technologies
• Bridging the gap between business and technology

Role Description

Job Summary: The Chief Information Security Officer (CISO) is responsible for developing implementing and overseeing the security strategy for an IT outsourcing company. The CISO will ensure the security integrity and compliance of client and internal IT systems while mitigating cybersecurity risks. This role involves working closely with clients regulatory bodies and internal teams to implement best security practices and maintain compliance with industry standards. Key Responsibilities: Strategic Leadership Develop and implement a comprehensive cybersecurity strategy aligned with business objectives. Lead the information security function to protect company and client data from cyber threats. Establish policies procedures and frameworks to secure IT infrastructure and outsourced services. Security Governance & Compliance Ensure compliance with industry regulations such as ISO 27001 SOC 2 GDPR HIPAA and other applicable security frameworks. Conduct regular security audits and risk assessments to identify vulnerabilities and implement corrective actions. Establish security governance frameworks and ensure adherence to global best practices in IT security. Work with legal and compliance teams to assess security risks in contracts and SLAs with clients. Risk Management & Incident Response Identify assess and mitigate security risks related to IT outsourcing operations. Develop implement and test incident response plans to address security breaches and cyber threats. Monitor and analyse security incidents ensuring timely resolution and documentation. Lead disaster recovery and business continuity planning efforts. Security Architecture & Technology Define and oversee the implementation of security architecture for outsourced IT services. Collaborate with IT teams to integrate security into DevOps cloud services and application development. Evaluate and implement advanced cybersecurity tools and threat intelligence solutions. Ensure security best practices in network endpoint and data protection for client engagements. Implement secure email gateways DMARC DKIM and SPF protocols to prevent email spoofing and phishing attacks. Deploy and manage advanced endpoint security solutions including next-gen antivirus (NGAV) and behavioural analytics. Monitor and enhance web application firewall (WAF) solutions to prevent application-layer attacks. Strengthen security posture with zero-trust architecture data loss prevention (DLP) and privileged access management (PAM).

Technical Skills

Client & Stakeholder Engagement Act as a trusted advisor for clients on cybersecurity and data protection matters. Provide security guidance and assurance during client onboarding and ongoing engagements. Educate clients on emerging threats and security measures to safeguard their IT assets. Collaborate with sales and pre-sales teams to address security concerns in RFPs and proposals. Team Development & Security Awareness Build and lead a high-performing cybersecurity team within the organization. Develop and deliver security awareness training programs for employees and outsourced IT teams. Foster a culture of cybersecurity awareness across all levels of the organization. Required Skills & Expertise Comprehensive Expertise in Cybersecurity Tools & Platforms: Demonstrated hands-on experience with a wide range of advanced cybersecurity technologies including Endpoint Detection and Response (EDR) Security Information and Event Management (SIEM) systems like Splunk and Microsoft Sentinel Data Loss Prevention (DLP) Identity and Access Management (IAM) Web Application Firewalls (WAF) Firewalls and Cloud Access Security Brokers (CASB). The CISO must be adept at selecting implementing and optimizing these tools to secure both internal and client-facing environments. Leadership in Cybersecurity Transformation: Proven track record of conceptualizing and leading enterprise-wide cybersecurity transformation programs ensuring alignment with business goals industry regulations and emerging threat landscapes. This includes modernizing security architectures redefining incident response frameworks and embedding security into the companys digital transformation journey. Cloud Security Mastery: In-depth knowledge of cloud security frameworks and implementation across major platforms such as AWS Microsoft Azure and Google Cloud Platform (GCP). The candidate should be capable of enforcing security controls in hybrid and multi-cloud environments including workload protection cloud-native controls encryption and identity governance. DevSecOps & Infrastructure Security: Strong understanding and practical application of DevSecOps principles infrastructure security and the secure software development lifecycle (SSDLC). The CISO must be able to embed security automation and compliance checks into CI/CD pipelines and promote secure coding practices. Audit & Compliance Management: Significant hands-on experience managing internal and third-party audits overseeing regulatory inspections and conducting enterprise risk assessments. Familiarity with compliance frameworks such as ISO 27001 SOC 2 GDPR HIPAA and other relevant standards for IT outsourcing firms is essential.

Nice-to-have skills

Qualifications

Company Value

We value diversity at Incedo. We do not discriminate based on race religion color national origin gender sexual orientation age marital status veteran status or disability status.