Posted at: 10 November
Head of IT Security
Company
Creatio
Creatio is a global vendor of a no-code platform to automate workflows and CRM with a maximum degree of freedom.
Remote Hiring Policy:
Creatio has a flexible remote work policy, allowing employees to work from anywhere. Creatio hires remotely from all over the world.
Job Type
Full-time
Allowed Applicant Locations
Brazil, Worldwide
Job Description
We are looking for an experienced Head of IT Security with a background in IT product development to manage and oversee all information security matters within our company.
Responsibilities:
- Security Strategy and Planning: Developing and implementing a thorough information security strategy and roadmap to address current and future threats, vulnerabilities, and risks
- Security Leadership: Providing strategic direction and leadership for the Information Security team, ensuring alignment with business objectives, industry standards, and best practices
- Risk Management: Overseeing risk assessment and management processes, identifying and prioritizing security risks, and implementing appropriate controls and mitigation strategies
- Governance, Compliance, and Regulatory: Ensuring ongoing compliance with relevant regulations and standards like ISO 27001, ISO 27017/18, SOC 2 Type, HIPAA, GDPR, etc.
- Vendor and Third-Party Risk Management: Supervising the evaluation and management of security risks associated with third-party vendors and partners
- Security Awareness and Training: Developing and implementing security awareness programs to educate employees and promote a culture of security awareness and compliance
- Security Governance and Compliance: Establishing and maintaining security policies, standards, and procedures to ensure compliance across the organization
- Security Metrics and Reporting: Defining and tracking key security metrics to evaluate the effectiveness of security controls and reporting on security status to executive leadership and stakeholders
Qualifications:
- Bachelor’s degree in Computer Science, Information Security, or related field
- Industry certifications such as CISSP, CISM, CISA, or equivalent
- 3+ years of experience in information security leadership roles in the SaaS domain / 7+ years of experience in the information security field overall
- Good knowledge of security frameworks, standards, and regulations, including ISO 27001, SOC 2, HIPAA, GDPR, etc.
- Strong understanding of cloud security principles and best practices, particularly in AWS/Azure
- Experience in managing security incidents and leading incident response
- Good communication and interpersonal skills, with the ability to effectively communicate security-related questions to technical and non-technical stakeholders (employees, customers, or partners)
- Project management skills, with the ability to manage projects such as process implementation and improvement and security systems implementation
- Ability to collaborate cross-functionally and influence stakeholders at all levels of the organization