Director Information Technology Security

We are seeking a Senior Director of Information Security to lead the development and execution of a robust Information Security Management System (ISMS) across the organization. This executive-level role will ensure the organization meets the highest standards of cybersecurity, governance, and regulatory compliance while staying ahead of emerging threats and innovations in the information security landscape.

Key Responsibilities

1. Strategy, Policy & Governance

• Develop and lead a comprehensive information security strategy aligned with organizational objectives.
• Establish a unified governance framework and maintain up-to-date security policies and standards.
• Ensure alignment with global standards (e.g., ISO27001, NIST, PCI DSS).
• Promote information security awareness and embed a security-first culture across the organization.

2. Risk Management

• Conduct regular and in-depth security risk assessments.
• Maintain and manage a dynamic risk register.
• Provide strategic recommendations to leadership on information security risks and mitigation strategies.

3. Incident Response

• Lead the Security Incident Response Team (SIRT) and oversee responses to critical incidents.
• Develop prevention strategies and refine incident handling protocols.
• Continuously improve early warning and monitoring systems.

4. Technology & Innovation

• Drive the implementation of innovative and cost-effective security solutions.
• Develop system architecture supporting secure application development.
• Review and adapt security structures based on evolving needs.

5. Compliance & Reporting

• Ensure continuous compliance with security policies, internal standards, and external regulations.
• Oversee security audits and ensure findings are addressed.
• Provide regular executive reporting on the status and maturity of the security program.

6. Organizational Development

• Foster a security-aware culture and ensure the team is up to date with industry best practices.
• Drive team engagement, learning, and performance improvement.
• Mentor and lead a high-performing security team.

7. Cross-Functional Collaboration

• Act as a key liaison in executive meetings and cross-functional projects.
• Ensure consistency in applying security protocols across all departments.
• Translate regulatory and compliance requirements into actionable initiatives.

8. Talent & Team Management

• Manage team workload, conduct evaluations, and drive career development.
• Promote diversity and local talent development initiatives.
• Identify and address staffing and training needs.

9. Reporting & Communication

• Generate detailed, timely reports on security performance, incident trends, compliance, and program development.

10. Additional Duties

• Perform other relevant responsibilities or tasks as assigned by executive leadership.

Requirements:

Education & Certifications

• Bachelor's degree in Computer Science, Information Technology, or related field.
• Master’s degree or MBA in Information Security is preferred.
• Professional certifications such as:
• CISSP, CISM, CISA
• ISO 27001 Lead Auditor
• CEH, SANS, CRISC (preferred)

Experience

• 10–15 years of experience in IT and information security, with at least 5 years in a senior leadership role.
• Proven track record of building, implementing, and managing large-scale security programs.