IT Security Lead

• Develop and execute a robust enterprise-wide Information Security Strategy aligned with business and regulatory requirements (e.g., MAS TRM, ISO 27001).
• Act as the primary security advisor to the CITO and executive leadership, influencing cybersecurity decisions and risk appetite.
• Establish and maintain security policies, standards, and procedures that support governance, risk management, and compliance initiatives.
• Lead risk assessments and audits across systems, vendors, and third parties, ensuring ongoing compliance and mitigation of cyber risks.
• Oversee security operations, including threat monitoring, incident response, and vulnerability management.
• Track and report KPIs such as incident resolution time, system availability, cost efficiency, and compliance metrics.
• Evaluate and implement security technologies, ensuring business scalability, innovation, and return on investment.
• Manage security budgets and projects, ensuring cost control and alignment with IT and business priorities.

• Bachelors or Masters degree in Information Security, Computer Science, or related field.
• 8 to 10 years of experience in information security leadership, including at least 5 years in a CISO or equivalent role.
• Strong knowledge of regulatory and cybersecurity frameworks, particularly in the financial or insurance sectors.
• Relevant certifications such as CISSP, CISM, CISA, CRISC, or CCSP are strongly preferred.
• Proven expertise in risk management, incident response, and compliance audits.
• Strong communication skills with the ability to engage executive leadership and non-technical stakeholders.
• Experience managing cross-functional security teams, vendors, and internal training/awareness programs.
• Strategic thinker with hands-on knowledge of security technologies, project execution, and innovation-driven security planning.

KRISV Consulting