OVERVIEW
To develop, implement, and maintain the company's enterprise-wide information security strategy and framework, ensuring that all systems, data, and processes are secure, resilient, and compliant with regulatory and industry standards. The CISO provides strategic guidance on information security, leads risk management efforts for cyber and information security, and ensures preparedness against emerging threats.
The CISO oversees information security, cybersecurity, data protection, vulnerability management, incident response, and security governance across the organisation. The role spans all business units, technology platforms, and operational processes, including coordination with regulators, auditors, and external partners.
KEY RESPONSIBILITIES
Strategic Objectives
- Develop and implement a comprehensive enterprise information security strategy aligned with business objectives and risk appetite.
- Ensure compliance with applicable laws, regulations, and standards related to information security.
- Provide strategic guidance to Senior Management on emerging threats, vulnerabilities, and security innovations.
- Promote a culture of cybersecurity awareness and best practices across the organisation.
Operational Objectives
- Identify, assess, and mitigate information security risks across all systems and processes.
- Oversee the design and execution of vulnerability assessments, penetration tests, and security audits.
- Lead the development and management of security policies, procedures, and incident response plans.
- Ensure timely reporting of security incidents, breaches, and risk assessments to senior management and regulators.
REQUIREMENTS
- Bachelor's or Master's degree in Management Information Systems, Fintech, Information Security, Computer Science, or a related technical field.
- 15+ years of hands-on and strategic experience in information security and cybersecurity within the financial services industry (including FinTech, payments, and digital assets).
- Proven executive leadership experience, including operating as a Chief Information Security Officer (CISO) or in a senior managerial capacity.
- Extensive knowledge of international financial regulations, regulatory compliance, and global industry standards (ISO 27001, NIST, PCI-DSS).
- Mandatory professional certification in CISM (Certified Information Security Manager). Additional certifications in Blockchain Security, Data Privacy, or ISO 27001 Lead Auditor are highly preferred.
- Proven track record in launching or scaling digital finance platforms, FinTech, or cloud-native environments from scratch, with a strong understanding of end-to-end security architecture design and 24/7 incident response (CSIRT).
- Strong strategic and leadership skills, with the ability to build enterprise risk frameworks and communicate complex security initiatives to the Board, C-suite, and relevant regulatory bodies.