Alamat
Bentuk pekerjaanStrategic Leadership: Provide strategic direction and vision for the company's cybersecurity posture, aligning it with business objectives and industry best practices.
Security Governance and Compliance: Oversee the development, implementation, and maintenance of robust security governance frameworks, ensuring compliance with relevant regulations and standards such as GDPR, PCI-DSS, ISO 27001, and industry-specific regulations.
Regulatory Engagement: Serve as the primary point of contact for regulatory agencies, maintaining positive relationships and ensuring timely responses to inquiries and audits.
Risk Management: Lead the organization's risk management efforts, conducting regular risk assessments, identifying vulnerabilities, and developing mitigation strategies to safeguard the company's assets and data.
Incident Response and Threat Management: Direct the incident response team in promptly addressing cybersecurity incidents, coordinating with internal stakeholders and external partners to minimize impact and facilitate recovery.
Security Operations: Oversee the day-to-day operations of the security team, including security monitoring, threat detection, vulnerability management, and security tooling.
Security Awareness and Training: Develop and implement comprehensive security awareness programs to educate employees on cybersecurity best practices and promote a culture of security awareness throughout the organization.
Vendor Risk Management: Collaborate with procurement and vendor management teams to assess and manage the cybersecurity risks associated with third-party vendors and service providers.
Budgeting and Resource Allocation: Manage the cybersecurity budget effectively, allocating resources to critical initiatives and ensuring optimal utilization of funds.
Executive Reporting: Provide regular reports to senior leadership and the board of directors on the company's cybersecurity posture, including key metrics, emerging threats, and recommendations for improvement.
Bachelor's degree in Computer Science, Information Security, or a related field. Advanced degree preferred.
At least 15 years of progressive experience in cybersecurity, with a focus on blue team operations, security governance, and regulatory compliance.
Demonstrated experience in dealing with regulatory bodies and managing regulatory compliance efforts, preferably in the Financial Services or telecommunications sectors.
Strong understanding of cybersecurity frameworks such as NIST Cybersecurity Framework, CIS Controls, and industry-specific regulations.
Proven leadership experience, with the ability to inspire and motivate cross-functional teams in a fast-paced environment.
Excellent communication and interpersonal skills, with the ability to effectively interact with stakeholders at all levels of the organization.
Relevant certifications such as CISSP, CISM, CRISC, or CISA are highly desirable.
Deep technical knowledge of cybersecurity technologies and tools, including SIEM, IDS/IPS, DLP, endpoint security, and cloud security solutions.
Experience in mergers and acquisitions (M&A) due diligence and integration activities related to cybersecurity is a plus.
Client is a leading Financial Services company committed to delivering innovative solutions and exceptional service to the customers. Dedicated to maintain the highest standards of security and compliance to safeguard their assets and customer data.
If you meet the qualifications and are passionate about driving cybersecurity excellence in a dynamic environment, we encourage you to apply for this exciting opportunity.
