Job Description

The

IT Security Lead

will be responsible for leading the development, execution, and management of the enterprise-wide information security strategy, architecture. The IT Security lead will work across departments to protect the organization's information assets, mitigate cyber risks, and ensure alignment between business and security objectives.


This executive role combines strategic planning, policy formulation, risk management, and hands-on oversight of cybersecurity operations and IT infrastructure resilience.

Key Responsibilities:

Strategic Leadership & Governance

Define and implement the enterprise-wide Information Security Strategy in alignment with company's business goals and regulatory requirements. Serve as the primary advisor and executive leadership on all cybersecurity and risk matters.

Risk Management & Compliance

Lead comprehensive Information Security Risk Assessments across internal and external domains, including third-party/vendor risks. Design and oversee a formal Information Security Risk Management Plan, regularly reporting risk metrics and mitigation effectiveness. Ensure continuous compliance with relevant regulatory, industry, and internal standards (e.g.,

MAS TRM Guidelines

, ISO 27001). Conduct periodic audits and reviews of cybersecurity controls and frameworks.

Operational Excellence & Metrics

Manage the IT Infrastructure and Information Security Budget efficiently, ensuring Cost Variance (CV) is minimized. Establish performance metrics such as:
Cost Efficiency of IT Security investments


System Uptime vs. Downtime (Availability)


Incident Volume, Resolution Time, Aging Reports

Cybersecurity Initiatives & Incident Response

Oversee the implementation and continuous improvement of Cybersecurity Programs, ensuring proactive threat detection, response, and mitigation. Monitor and report on security posture Lead security incident response efforts, coordinating cross-functional support and communication.

Technology & Innovation

Evaluate emerging cybersecurity technologies, practices, and innovations aligned with company's strategic IT direction. Ensure security assurance for all strategic IT initiatives by identifying suitable controls and countermeasures.

Qualifications:

Education & Certification:

Bachelor's or Master's degree in Computer Science, Information Security, Information Technology, or a related field. Professional certifications such as CISSP, CISM, CISA, CRISC, CCSP, or equivalent are highly preferred.

Experience:

Minimum 5 years of experience in Information Security, with at least 3 years in a IT Security Management or equivalent role. Proven track record of managing cybersecurity programs, risk frameworks, and compliance in

financial services or regulated industries.

Skills & Competencies:

Strong understanding of regulatory frameworks, enterprise risk management, and cybersecurity standards. Executive presence and ability to communicate complex technical issues to non-technical stakeholders. Demonstrated experience in budget planning, project management, and strategic execution.




EA License: 21C0783


EAP Registration No: R24123529