Virtual Chief Information Security Officer vCISO

ValueMentor Infosec Private Limited (SEZ)

  • Koratty, Kerala Thrissur, Kerala
  • Permanent
  • Full-time
  • 13 days ago
As a Virtual Chief Information Security Officer (vCISO), you will lead and manage the security operations function of the organization. The role involves overseeing various aspects of security, disaster recovery, security finance management, documentation, compliance, and program onboarding. The vCISO is expected to possess a diverse skill set encompassing technical, business, communication, and leadership expertise.

Responsibilities:

Security Operations:
  • Lead vulnerability risk assessments.
  • Implement cyber security frameworks, including NIST 800-53, ISO 27002.
  • Provide oversight on incident response planning.
  • Create and maintain security policies and procedures.
  • Serve as an advisor for Governance, Risk, and Compliance.
  • Provide leadership in performing regulatory assessments.
  • Coordinate Disaster Recovery processes and procedures.
Disaster Recovery:
  • Develop and implement Disaster Recovery and Business Continuity Plan policies.
  • Identify and prioritize key assets for the plan.
  • Schedule and plan periodic exercises of the plan.
  • Manage disaster recovery exercises and provide feedback to stakeholders.
  • Document the Disaster Recovery and Business Continuity Plans.
  • Provide a strategic plan for backup of critical assets and systems.
Security Finance Management:
  • Conduct asset management reviews.
  • Quantify the overall value of security initiatives.
  • Assess the cost of security tools or systems and analyze the return on investment.
Documentation:
  • Establish a detailed documentation standard and review process.
  • Contribute to the development and documentation of key cyber security policies.
  • Maintain a standard approval process for policy reviews.
Compliance:
  • Provide leadership and guidance on the implementation of regulatory compliance objectives.
  • Conduct internal assessments and respond to external compliance reviews.
  • Stay current on regulatory compliance updates related to the organization.
  • Address standards such as SOC, PCI, HIPAA, GDPR, or FedRAMP.
Program Onboarding:
  • Ensure third-party systems meet security standards and align with business objectives.
  • Maintain a risk assessment standard for new systems, including penetration testing or vulnerability scans.
Skill Set:
  1. Technical expertise.
  2. Business acumen.
  3. Communication skills.
  4. Leadership capabilities.
