Senior Leadership Role: Process Assurance, Quality, and Information Security Governance
Role Summary
The Director – Process Assurance will drive enterprise-wide process assurance, compliance, and information security governance. Serving as the Chief Information Security Officer (CISO), this leader is responsible for establishing, implementing, and continuously improving frameworks for process maturity, quality, and information security across the organization.
Key Responsibilities
Process Assurance & Quality
⦁ Own and drive process maturity frameworks, including CMMI, ASPICE, and related quality models.
⦁ Define, implement, and govern organization-wide process assurance strategies.
⦁ Lead internal and external audits, assessments, and appraisals.
⦁ Ensure continuous process improvement and alignment with business objectives.
⦁ Collaborate with delivery, engineering, and leadership teams to embed quality and compliance into operations.
Information Security & CISO Responsibilities
⦁ Act as CISO, owning the organization’s Information Security Management System (ISMS).
⦁ Lead compliance with ISO/IEC 27001, TISAX, customer security requirements, and regulatory expectations.
⦁ Ensure compliance with India DPDP Act and other applicable data protection laws.
⦁ Define and enforce security policies, risk management, incident response, and governance frameworks.
⦁ Oversee security risk assessments, vulnerability management, and incident handling.
⦁ Interface with customers, auditors, and regulators on security and compliance matters.
Governance & Leadership
⦁ Establish governance models for process, quality, and information security.
⦁ Act as a trusted advisor to senior leadership on risk, compliance, and maturity improvements.
⦁ Lead and mentor process assurance and information security teams.
⦁ Drive awareness, training, and cultural adoption of quality and security practices across the organization.
Required Skills & Experience
⦁ 18+ years of experience in Process Assurance, Quality, and Information Security roles.
⦁ Hands-on expertise with CMMI, ASPICE, ISO/IEC 27001, and India DPDP Act.
⦁ Proven experience acting as a CISO or performing similar responsibilities.
⦁ Strong understanding of audit management, risk assessment, and compliance governance.
⦁ Experience working with global customers and regulatory bodies.
⦁ Excellent stakeholder management and leadership skills.
Preferred Qualifications
⦁ Lead Appraiser / Certified Professional certifications (CMMI, ISO 27001 LA, ASPICE).
⦁ Experience in automotive, embedded, or regulated domains.
⦁ Exposure to global data protection regulations (GDPR, etc.).
KPIs & Success Metrics
Process Assurance & Quality
⦁ Successful CMMI / ASPICE assessments with target maturity levels achieved and sustained.
⦁ Reduction in major and minor non-conformities across audits year-on-year.
⦁ Measurable improvement in process compliance scores across business units.
⦁ Percentage of projects adhering to defined processes (target ≥ 95%).
⦁ Closure rate and turnaround time for process improvement actions (CARs / CAPAs).
⦁ Adoption of standardized processes across delivery and engineering teams.
Information Security & CISO
⦁ Successful ISO/IEC 27001/TISAX certification and surveillance audits with zero or minimal non-conformities.
⦁ Compliance readiness for India DPDP Act/GDPR with no regulatory penalties or adverse findings.
⦁ Reduction in security incidents, severity, and repeat occurrences.
⦁ Mean time to detect (MTTD) and mean time to respond (MTTR) to security incidents.
⦁ Completion rate of risk assessments, vulnerability remediation, and penetration testing.
⦁ Percentage of employees completing mandatory security and privacy awareness training.
People & Capability Building
⦁ Capability maturity of Process Assurance and Information Security teams.
⦁ Retention and skill development of key team members.
⦁ Increased organization-wide awareness and ownership of quality and security practices.
Conclusion
This senior leadership role is critical in shaping the organization’s approach to process maturity, quality assurance, and information security. The Director – Process Assurance & CISO will ensure robust compliance, continuous improvement, and risk governance, while fostering a culture of quality and security throughout the business.