The incumbent will lead large, complex technology transformation programs (multi-million dollar, multi-year) across cybersecurity, cloud, and enterprise infrastructure in a strictly regulated environment.
The role is hands-on in governance and delivery, with very limited flexibility on requirements and standards.
Responsibilities:
- Own endtoend delivery of major transformation programs (from business case to stabilization and handover).
- Lead hybrid/multicloud, cybersecurity, and enterprise infrastructure initiatives, ensuring they meet regulatory, security, and resilience requirements.
- Govern scope, timelines, budget, risks, vendors, and resources across multiple concurrent workstreams.
- Act as the single accountable lead to senior management, risk/compliance, internal audit, and regulators for program outcomes.
- Ensure all designs and implementations are securebydesign and compliantbydesign
- Direct and challenge external partners and vendors to meet stringent SLAs, KPIs, and contractual obligations.
- Implement and enforce strong program governance (RAID logs, change control, reporting, stage gates).
- Drive adoption of automation, standardization, and repeatable patterns to reduce operational risk and manual effort.
- Lead change management and communication with business, IT, and operations to ensure smooth adoption of new platforms and controls.
Mandatory Experience
Candidates who do not fully meet these criteria will not be considered.
- Minimum 15-20 years of total IT experience minimum 15 years in endtoend program leadership.
- Proven track record leading multiple large, multimilliondollar transformation programs (not just projects).
- Direct experience in highly regulated environments (e.g. central bank, financial regulator, major financial institution or equivalent).
- Evidence of delivering outcomes with strict RTO/RPO, high availability and disaster recovery requirements.
- Experience managing large thirdparty vendors and integrators under complex managed services or outsourcing contracts.
- Demonstrated responsibility for financials (program budget, cost control, benefits realization, and/or P&L impact).
- Experience engaging directly with Clevel stakeholders and risk/compliance/audit teams, including responding to findings and remediation plans.
Strong background in ALL of the following areas:
- Cybersecurity programs (identity and access management, privileged access, security monitoring/SIEM/SOC, incident response).
- Cloud transformation (Azure, AWS and/or GCP) including migrations and platform engineering.
- Enterprise infrastructure: data center, networks (WAN/LAN/SDWAN), storage, compute, and workplace/digital workplace.
Mandatory Technical Exposure
The role requires credible, detailed discussions with architects and engineers. The candidate must have strong working exposure (not just oversight) to:
- Public cloud platforms (at least two): Azure, AWS, or GCP.
- Hybrid or multicloud architectures, landing zones, network connectivity, and security controls.
- Identity and access management and privileged access management solutions.
- Security monitoring and incident response (SIEM/SOC, log management, threat detection).
- Enterprise networks (WAN, LAN, SDWAN, VPN, firewalls) and secure connectivity patterns.
- Data center infrastructure, virtualization, storage, and backup/DR.
- Automation in infrastructure/operations (e.g. scripting, orchestration tools, or AIOps concepts).
Education & Certifications
- Bachelor's degree in Computer Science, Engineering, Information Systems or closely related field.
- Recognised program/project management certification (e.g. PMP or equivalent).
- IT service management certification (e.g. ITIL Foundation or above).
- At least one cloud certification from a major provider (Azure, AWS, or GCP).
- Relevant cybersecurity certifications (e.g. CISSP, CISM, CCSP, or equivalent).
Critical Competencies
- Very strong ownership mindset and comfort with being the single point of accountability.
- Ability to make firm decisions, challenge stakeholders and vendors, and say no when requirements or standards are not met.
- Excellent communication skills, able to explain complex technology and risk topics clearly to senior nontechnical stakeholders.
- High attention to detail in governance, documentation, and compliance.
- Resilience and composure under pressure, especially during incidents, cutovers, and regulatory interactions.
