Dalet CISO

Job description

Who We Are

A leading, independent software and services provider with $70 million in annual sales and focusing on cloud based subscription business, Dalet empowers broadcast, and media organizations all around the world. Our solutions allow media professionals to create, manage, and distribute (social media, mobile, VOD, and OTT) content faster and more efficiently, fully maximizing the value of assets. When combined, Dalet products power end-to-end, unified multimedia operations for news, sports, program preparation, production, archive, and radio.

Dalet solutions are used around the world by many thousands of individual users at hundreds of content owners, producers, and distributors, including public broadcasters such as the BBC, France TV, VOA, commercial networks and operators such as HBO, Canal+, NBC, FOX, CBS, Mediaset, and government & international organizations such as the UK Parliament, the UN, NASA, and many others.


Top Reasons to Join Us

· Revolutionize a big industry in a dynamic, fast-growing, yet mature, company 

· Benefit from great career opportunities around the world 

· Make the most of a truly collaborative environment with supportive leadership 

· Collaborate with talented and passionate team members 

· Enjoy a fun working environment

· Evolve with cutting edge technologies (Dockers, Kubernetes, AI, Cloud, SaaS) and security challenges.

  Dalet is the perfect place for talented, internationally minded, and highly motivated individuals looking to join a dynamic company where things get done!

 

Who You Are

Modern Cloud deployments, Web and Mobile apps empower users but open a set of security threats. Recent highly visible events heighten the need to put security at the heart of our activities. Moreover, security is key in News and Media, the core markets addressed by Dalet.

In this context, we need to actively defend our reputation by defining clear responsibility and communicating a well published security strategy/process.

We are looking for a highly motivated leader to fill the position of CISO (Chief Information Security Officer). In this role, you will be responsible to manage and enhance our overall security position. You will formulate a global strategy covering both internal operations, customer operations of our new SaaS products and relations with third-party providers.


As a CISO, you will own all the internal aspects of Information Security, Certification programs, international security norms and vendors’ security duties.

You will also address properly customer concerns about our existing and future products through comprehensive and polished/vetted presentations in support of our Sales and Professional Services teams (RFPs, and security assessment).


By answering to this challenge, you should be responsible to document and communicate on the implementation of the security strategy both inside the company, (policies and processes, incidents management…); and also outside to our partners and customers. This includes executive level presentations to management and for consumption by customers and prospects.



What You’ll Do

You will be fully in charge of the security topics that run across all company departments. You will address both operations and products/platform security and represent the company in front of our customers and partners.

As part of your Management role, you will develop a culture of Security across the company to ensure that Information Security policies are understood and applied rigorously and become the concern of everyone. You will encourage teamwork, innovation and excellence through coaching. You will prepare weekly or monthly reports to address achievements, issues and objectives.

You will manage the renewal of the company’s compliance certifications (27001, SOC2), review of company-wide Security and Privacy processes and security-related documentation. You will develop training programs to help achieve compliance and awareness.

By interacting with all departments, we are expecting from you to orchestrate the different security-related initiatives and efforts across the company, being accountable on this to the top management.

  • Interaction with the Operations Department, monitoring customers hosted systems, third-party dependencies (applications hosted in the cloud or offered as SaaS).
    • Responsible to apply a global protection of data in all departments. Risks identification. Controls. This includes our on-premise architecture, but also our cloud platform.
    • Operations Security / Protection of Customer Data. Enforcement of customer rules. Management of customer systems access. Evaluation of risks & controls. Support our international sales and customer success teams in term of security.
  • Interaction with R&D and Operations Departments:
    • Define objectives, policies, find partners/tools for code analysis, penetration testing, etc. Prepare documentation for external consumption to answer most frequent concerns on system and data security for both on-premise and cloud/SaaS solutions.
    • Deep knowledge of complex security environment (SecOps / DevSecOps, and norms: SIEM, UEBA, XDR, SOAR, IDS/IPS) 
    • From open source to enterprise solutions.
    • Address legacy systems vulnerabilities.
  • Interaction with R&D department: Experience with solutions like Veracode (DAST / SAST, Penetration Tests, SonarQube) and OWASP ZAP, Wazuh.  
  • Interaction with IT department on Dalet internal network security
    • Plan audits by external companies and manage follow-up.
    • Review and monitor our Disaster Recovery & Business Continuity Plans, including rehearsals, for all departments.
    • Management of security incidents according to our defined policies and compliance rules.
  • Interaction with legal department on all security issues, including liability, compliance, physical and internal security. Identify technical vulnerabilities and risks, Management of escalation situations.


Requirements

To be successful in this role you will possess the following skills and experience: 

 Bachelor’s or MSc Degree in Information Systems, Computer Science or related 

+ 5 years of experience in Security 

Solid knowledge of the Cyber security field, understanding of threats. 

Experience in IT – network, servers, OS – is a Plus 

Knowledge in AWS Security environment - is a Plus. 

Fluent in written and spoken English 

Cyber Certification is a Plus 

Managerial experience is a Plus 


Soft skills 

Proven team management skills  

Strong communication skills 

Ability to listen and communicate clearly with different areas of the business, and at high level interaction with customers and prospects 

Be a self-starter with the capability to work autonomously 

Strong customer focus 

Proactive attitude, anticipation, availability 

Organized & attentive to details