Chief Information Security Officer
phonon, automating outcomes
Job Description
Location: Vadodara (Preferred) / Remote with monthly visits to Vadodara
Engagement: Part-time (1 day per week) / Consultant
At 22North by Phonon, we are building enterprise software for airlines and BFSI customers worldwide. As we continue to scale, we are strengthening our Information Security, Privacy and Compliance framework.
We are looking for an experienced Information Security professional who can help us build systems—not just documentation.
This is a hands-on advisory role where your objective will be to mentor our engineering and infrastructure teams while building a security governance framework that becomes part of our operating culture.
- Build and mature our Information Security Management System (ISMS)
- Lead our journey towards ISO 27001 certification
- Drive SOC 2 Type II readiness
- Guide compliance with GDPR and India's Digital Personal Data Protection (DPDP) Act
- Build practical security processes including:
- Risk Management
- Asset Management
- Access Control
- Incident Response
- Vendor Risk Management
- Business Continuity & Disaster Recovery
- Security Awareness
- Vulnerability Management
- Review security architecture and operational controls with our engineering teams
- Conduct periodic internal audits and management reviews
- Build evidence repositories required for external audits
- Train and mentor our Infrastructure, IT and Security Operations teams so they can independently manage these systems over time
- CISSP and/or CISA certification (preferred)
- ISO 27001 Lead Implementer or Lead Auditor certification
- Experience implementing ISO 27001 in a software or SaaS organisation
- Experience preparing organisations for SOC 2 Type II audits
- Strong understanding of GDPR and India's DPDP Act
- Experience building Information Security processes from the ground up
- Ability to work closely with engineering and infrastructure teams
- AWS Security experience
- Experience with airline, travel or BFSI technology
- Knowledge of ISO 27701 or privacy management systems
- Experience with SOC, SIEM or cloud security
Success is not measured by producing documentation.
Success is when our engineering and infrastructure teams are capable of independently operating a mature Information Security and Compliance program, with ISO 27001 and SOC 2 Type II becoming natural outcomes of well-designed systems.
- Approximately one day per week
- Long-term advisory engagement
- Flexible working arrangement
- Opportunity to help shape the security and governance foundation of a rapidly growing global SaaS company.
If this excites you, or you know someone who would be a great fit, we'd love to hear from you.
Similar Jobs
View all →
Cloud Architect
Prestige Staffing
DevOps Engineer
Branch International
Platform Lead
Weekday (YC W21)
Infrastructure Risk & Compliance / Senior Consultant Specialist
HSBC
Cloud Security Engineering Lead - Platform
noon
Share
Quick Apply
Upload your resume to apply for this position