We are seeking a skilled CISO to oversee the information security strategy across their APAC operations. The CISO will be responsible for developing and implementing security policies, managing risks, and ensuring compliance with regulatory requirements. This role requires a visionary leader who can foster a culture of security awareness and resilience.
Responsibilities
- Strategic Leadership: Develop and implement a comprehensive information security strategy aligned with the companys business objectives and regulatory requirements across the APAC region.
- Risk Management: Identify, assess, and mitigate security risks to protect sensitive information and systems. Lead risk assessments and vulnerability management efforts.
- Policy Development: Establish and maintain information security policies, standards, and procedures. Ensure compliance with local and international regulations (e.g., GDPR, PCI-DSS).
- Incident Response: Oversee the incident response strategy and investigation processes. Coordinate with internal teams and external partners during security incidents.
- Team Management: Build and lead a high-performing information security team. Mentor and develop talent, promoting a culture of security awareness within the organisation.
- Stakeholder Engagement: Collaborate with executive management, business units, and external partners to align security initiatives with business goals.
- Reporting: Provide regular security reports and updates to senior management and the board on the security posture, incidents, and ongoing initiatives.
Qualifications
- Bachelors degree in Computer Science, Information Technology, or a related field. A Masters degree is preferred.
- Minimum of 10 years of experience in information security, with at least 5 years in a leadership role. Experience in the insurance or financial sector is highly desirable.
- Relevant certifications such as CISSP, CISM, or CISA are preferred.
- Strong understanding of security frameworks, risk management, and compliance standards relevant to the insurance industry.
- Proven ability to lead cross-functional teams, influence stakeholders, and drive change in a complex environment.
- Excellent verbal and written communication skills, with the ability to present complex security concepts to non-technical stakeholders.