Job title: Telecom Information Security Head

Reports To: Chief Information Officer (CIO):

Department: Information Security

About the Role:

The Telecom CISO is responsible for leading the information security functions. This role involves ensuring the confidentiality, integrity, and availability of the company's telecommunications networks, systems, and data. The Telecom CISO works closely with stakeholders across the organization to develop and implement effective security strategies and measures.

Key Responsibilities:

• Develop and implement an enterprise-wide information security strategy aligned with the organization's objectives and compliance requirements.
• Lead the development, implementation, and enforcement of information security policies, standards, and guidelines specifically tailored to the unique challenges of the telecommunications industry.
• Conduct risk assessments and vulnerability assessments to identify and prioritize potential threats and vulnerabilities related to telecommunications networks and systems.
• Implement and manage security controls, such as firewalls, intrusion detection and prevention systems, strong authentication, encryption, and access controls, within the telecommunications infrastructure.
• Monitor and investigate security incidents in the telecommunications networks and systems, conduct forensic analysis, and recommend appropriate measures to mitigate future risks.
• Collaborate with internal stakeholders, such as network operations, systems development, legal, and regulatory compliance teams, to ensure that security controls are integrated effectively into all aspects of the telecommunications infrastructure.
• Stay updated on the latest security threats, vulnerabilities, and industry trends in the telecommunications sector to proactively identify and respond to emerging risks.
• Establish and maintain relationships with industry organizations, government entities, and telecom-specific security forums to exchange information and collaborate on security-related matters specific to the telecom industry.
• Develop and conduct security awareness and training programs for employees working in the telecommunications industry to enhance their understanding of information security risks and best practices.
• Develop and maintain a disaster recovery and business continuity plan specific to telecommunication networks to ensure the timely recovery and resumption of critical communications services in the event of a security breach or an IT outage.

Required Skills and Qualifications:

• A Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field is typically required.
• A Master’s degree in Cybersecurity, Information Security, Information Systems, or an MBA with a focus on technology management is highly desirable.
• Minimum of 7-10 years in information security roles with at least 5 years in a leadership position.
• Experience in the telecommunications industry is highly preferred.
• Extensive experience with security operations, cyber risk management, compliance, and information security management.
• Proven experience in managing large-scale security projects.
• Certified Information Systems Security Professional (CISSP):
• Certified Information Security Manager (CISM):
• Certified Information Systems Auditor (CISA):
• Relevant for professionals responsible for monitoring, managing, and protecting IT and business systems.
• Proves skills in identifying and addressing security vulnerabilities.
• Important for managing cloud environments securely.
• In-depth knowledge of information security principles, best practices, and technologies specifically related to telecommunications networks and systems.
• Understanding of regulatory requirements specific to the telecommunications industry, such as those set by the Federal Communications Commission (FCC) or other telecommunications regulatory bodies.
• Experience in developing and implementing information security programs in the telecommunications industry.
• Strong understanding of telecommunication network architecture, protocols, and technologies.
• Ability to effectively communicate complex security risks, strategies, and recommendations to non-technical stakeholders within the telecommunications industry.
• Proven experience in leading and managing a team of information security professionals within the telecommunications domain.