Regional CISO

We are seeking an experienced and strategic Regional Chief Information Security Officer (CISO) to lead the organisation's cybersecurity, technology risk, and information security agenda across the region. This individual will be responsible for driving enterprise-wide security strategy, strengthening cyber resilience, and ensuring alignment with regulatory, operational, and business objectives across multiple jurisdictions.

The role requires a strong balance of strategic leadership, operational security expertise, stakeholder management, and regulatory engagement capabilities within a highly regulated environment.

Responsibilities:

Cybersecurity Strategy & Leadership

• Develop and execute the regional cybersecurity and information security strategy aligned with business and technology objectives.
• Establish and maintain enterprise-wide security governance frameworks, policies, standards, and controls.
• Drive continuous enhancement of the organisation's cyber resilience, security posture, and risk management capabilities.
• Lead security transformation initiatives across cloud, infrastructure, applications, data, and operational environments.

Technology Risk & Governance

• Oversee enterprise technology and cyber risk management across regional entities and business functions.
• Ensure alignment with applicable regulatory requirements and industry frameworks including MAS TRM, NIST, ISO27001, CIS, and other relevant standards.
• Provide oversight on key technology risk domains including cloud security, identity and access management, third-party risk, operational resilience, SDLC governance, and incident management.
• Drive governance and reporting processes for cybersecurity, technology risk, and operational resilience matters.

Security Operations & Resilience

• Oversee Security Operations, threat detection, incident response, vulnerability management, and cyber defence capabilities across the region.
• Lead response and recovery efforts for major cybersecurity incidents and crisis management situations.
• Ensure effective disaster recovery, business continuity, and operational resilience capabilities are established and regularly tested.
• Strengthen proactive threat intelligence and security monitoring capabilities.

Stakeholder & Regulatory Management

• Act as a trusted advisor to senior management, Board members, regulators, and key business stakeholders on cybersecurity and technology risk matters.
• Lead engagements with regulators, auditors, and external assessors on security, resilience, and compliance-related matters.
• Partner closely with Technology, Risk, Compliance, Legal, Operations, and Business teams to embed security into enterprise initiatives and transformation programmes.
• Build strong relationships across regional and global stakeholders to drive alignment and execution of security priorities.

Transformation & Innovation

• Provide security leadership across cloud adoption, digital transformation, AI/GenAI initiatives, DevSecOps, and infrastructure modernisation programmes.
• Drive automation, optimisation, and operational efficiency initiatives across cybersecurity functions.
• Evaluate emerging threats, technologies, and industry developments to continuously enhance security capabilities.

Requirements

• Bachelor's degree in Information Security, Computer Science, Engineering, or related discipline.
• 15+ years of progressive experience in cybersecurity, technology risk, or information security leadership roles within financial services or highly regulated environments.
• Proven experience leading regional or global cybersecurity programmes across complex multinational organisations.
• Strong understanding of financial services regulatory requirements and cybersecurity frameworks including MAS TRM, NIST, ISO27001, CIS, COBIT, and related standards.
• Deep expertise across security operations, cyber defence, cloud security, operational resilience, governance, and technology risk management.
• Experience engaging with regulators, executive leadership, and Boards on cybersecurity and resilience matters.
• Strong commercial acumen with the ability to balance security, operational, and business priorities.
• Demonstrated leadership capabilities managing large cross-functional and geographically distributed teams.
• Excellent communication, stakeholder management, and executive presentation skills.

To apply:

If you're interested to apply or find out more, please share across your CV or reach out to Chen Yi at [email protected] for a discussion. Due to the confidential nature of this search, we regret to inform that only shortlisted candidates will be notified.

Reg: R1876389

Lic: 16S8060