The Global Chief Information Security Officer (CISO) is responsible for developing, implementing, and leading the enterprise-wide information security strategy, ensuring the protection of the organization's assets, data, and intellectual property across all geographies. This role requires a seasoned cybersecurity executive with deep technical acumen, proven operational leadership, and strategic foresight to safeguard the organization in a complex, high-threat cyber environment.

The Global CISO will lead a diverse, global security organization, encompassing cyber defense, SOC operations, security engineering, governance, risk and compliance, and third-party risk management, to ensure a unified and resilient security posture.

Key Responsibilities:

Strategic Leadership

• Define and execute the global cybersecurity strategy aligned with the organization's business objectives, regulatory obligations, and risk appetite.
• Advise the Board and Executive Leadership on emerging threats, security posture, and investments needed to mitigate evolving cyber risks.
• Foster a security culture across the organization, embedding security considerations into digital transformation and business initiatives.

Cyber Defense & SOC Management

• Oversee global Security Operations Centers (SOC) to ensure 24x7 threat monitoring, detection, incident response, and continuous improvement of cyber defense capabilities.
• Lead threat intelligence, threat hunting, and incident management programs to proactively identify and neutralize advanced threats.
• Ensure effective coordination between global and regional SOCs for consistent standards and rapid response.

Information Protection & IP Security

• Establish policies, controls, and monitoring frameworks to safeguard the company's intellectual property, trade secrets, and sensitive data across global operations.
• Implement insider threat programs and data loss prevention (DLP) strategies to protect critical business information.
• Partner with R&D, Legal, and Product teams to embed security into the design and protection of proprietary technologies.

Third-Party & Supply Chain Security

• Oversee third-party risk management programs, ensuring robust assessment and continuous monitoring of vendors, partners, and supply chains.
• Integrate security requirements into procurement and vendor management processes to mitigate external dependency risks.

Governance, Risk & Compliance

• Lead enterprise-wide security governance, ensuring compliance with global regulations (e.g., GDPR, MAS TRM, ISO 27001, NIST).
• Develop metrics, dashboards, and reporting frameworks to provide visibility into security performance and risk posture.
• Ensure continuous improvement through audits, maturity assessments, and benchmarking against industry standards.

Operational Excellence

• Build, lead, and mentor a global cybersecurity organization, fostering collaboration, accountability, and innovation.
• Manage security budgets and investments effectively, balancing risk reduction and business enablement.
• Drive automation and modernization of security operations to achieve scale and efficiency.

Requirements:

• 15+ years of progressive experience in information security, including at least 5 years in a senior CISO or equivalent global leadership role.
• Proven track record of managing global SOC operations and leading large, distributed cyber defense teams.
• Demonstrated experience in protecting intellectual property and implementing enterprise data protection programs.
• Strong background in third-party risk management and security assurance across complex supply chains.
• Experience operating in high-threat environments, such as critical infrastructure, financial services, manufacturing, or technology sectors.
• Deep understanding of cyber threat landscapes, advanced persistent threats (APT), and security architectures
• Executive presence with the ability to engage effectively with boards, regulators, and external stakeholders.
• Relevant certifications (e.g., CISSP, CISM, CISA, CCISO) and/or advanced degree in cybersecurity, information systems, or related field.
• This role can be based in HK/SG, and we would be open to relocating the selected candidate.

To apply:

If you're interested to apply or find out more, please share across your CV or reach out to Chen Yi via LinkedIn or at [email protected] for a discussion. Due to the confidential nature of this search, we regret to inform that only shortlisted candidates will be notified.

Reg: R1876389

Lic: 16S8060