Head of Cyber Security

Other Jobs To Apply


Job Purpose:


The Head of Cyber Security is responsible for developing, implementing, and overseeing a comprehensive cybersecurity strategy that protects the group's digital assets, infrastructure, systems, and data from internal and external threats.

This job encompasses policy development, risk assessment, incident response, security operations, compliance, and awareness.

The Head of Cyber Security serves as the group's cybersecurity authority, ensuring alignment between security programs and business objectives, while fostering a security-first culture across the group.


Resposibilities:
Strategic Leadership & Governance


  • Develop and lead the execution of the group-wide cyber security strategy in alignment with business goals and technology roadmap.
  • Define cybersecurity policies, standards, and procedures based on industry best practices and regulatory requirements.
  • Lead the group's Cyber Security Governance Committee and regularly report on security posture to executive leadership and board-level risk committees.
  • Champion a proactive security culture by integrating cybersecurity into all business and technology decision-making processes.
Cybersecurity Operations & Risk Management


  • Oversee the design, implementation, and management of security tools and controls including firewalls, SIEM, EDR, IAM, and DLP solutions.
  • Direct the Security Operations Centre (SOC) and ensure continuous monitoring, threat intelligence, and rapid response to potential breaches.
  • Conduct regular vulnerability assessments, penetration testing, and risk assessments to identify and mitigate potential threats.
  • Lead cyber incident response planning, simulation exercises, and post-mortem reviews to improve organizational resilience.
Compliance & Audit


  • Ensure compliance with relevant regulatory frameworks (e.g., ISO 27001, NIST, GDPR, PCI-DSS, local cybersecurity laws).
  • Collaborate with internal and external auditors during cybersecurity audits and ensure timely remediation of any findings.
  • Maintain up-to-date records of all cybersecurity-related incidents, controls, and risk assessments for audit and regulatory purposes.
Data Privacy and Information Protection


  • Work closely with the Data Protection Officer (DPO) and Legal team to ensure data protection measures are enforced.
  • Oversee implementation of data classification, encryption, and secure data handling practices across the organization.
  • Drive initiatives to reduce data leakage, insider threats, and loss of intellectual property.
Security Architecture & Infrastructure


  • Guide the secure design of systems, networks, and applications from the ground up, incorporating security by design principles.
  • Collaborate with IT infrastructure and application development teams to embed cybersecurity into solution architecture.
  • Ensure cloud security governance is established and enforced across all SaaS, IaaS, and PaaS environments.
Awareness, Training & Culture


  • Develop and lead group-wide security awareness campaigns and training programs for employees, contractors, and third parties.
  • Create tailored training initiatives for high-risk user groups and leadership teams.
  • Promote a culture of shared cybersecurity responsibility across all departments.
Vendor & Third-Party Security


  • Assess the security posture of vendors, suppliers, and partners as part of the third-party risk management program.
  • Establish security requirements and SLAs in vendor contracts and conduct periodic due diligence and reviews.
Budget & Team Leadership


  • Lead, mentor, and manage the cybersecurity team, fostering a high-performance culture and continuous professional development.
  • Define resource requirements, develop cybersecurity budgets, and oversee procurement of security technologies and services.
  • Build capability maturity across cyber domains and succession plans for critical security roles.
General


  • Uphold company values throughout business practices and utilise sound judgment in decision making.
  • Any other additional duties as may be required by management based on needs of the business.

Requirements:

  • A minimum of 10+ years of progressive experience in information security, with at least 5 years in a senior leadership role.
  • Proven experience in managing enterprise security programs in large and complex organizations.
  • Demonstrated expertise in threat management, incident response, risk assessment, security architecture, and compliance.
  • Masters's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
  • Professional certifications such as CCISO, ISO 27001, ISO 42001, CISA, CISM, CISSP, AAIA, CEH, OSCP, or equivalent vendor-neutral credentials are required.
  • Product/Technology related certification are preferred.
Show more Show less
Back to blog

Common Interview Questions And Answers

1. HOW DO YOU PLAN YOUR DAY?

This is what this question poses: When do you focus and start working seriously? What are the hours you work optimally? Are you a night owl? A morning bird? Remote teams can be made up of people working on different shifts and around the world, so you won't necessarily be stuck in the 9-5 schedule if it's not for you...

2. HOW DO YOU USE THE DIFFERENT COMMUNICATION TOOLS IN DIFFERENT SITUATIONS?

When you're working on a remote team, there's no way to chat in the hallway between meetings or catch up on the latest project during an office carpool. Therefore, virtual communication will be absolutely essential to get your work done...

3. WHAT IS "WORKING REMOTE" REALLY FOR YOU?

Many people want to work remotely because of the flexibility it allows. You can work anywhere and at any time of the day...

4. WHAT DO YOU NEED IN YOUR PHYSICAL WORKSPACE TO SUCCEED IN YOUR WORK?

With this question, companies are looking to see what equipment they may need to provide you with and to verify how aware you are of what remote working could mean for you physically and logistically...

5. HOW DO YOU PROCESS INFORMATION?

Several years ago, I was working in a team to plan a big event. My supervisor made us all work as a team before the big day. One of our activities has been to find out how each of us processes information...

6. HOW DO YOU MANAGE THE CALENDAR AND THE PROGRAM? WHICH APPLICATIONS / SYSTEM DO YOU USE?

Or you may receive even more specific questions, such as: What's on your calendar? Do you plan blocks of time to do certain types of work? Do you have an open calendar that everyone can see?...

7. HOW DO YOU ORGANIZE FILES, LINKS, AND TABS ON YOUR COMPUTER?

Just like your schedule, how you track files and other information is very important. After all, everything is digital!...

8. HOW TO PRIORITIZE WORK?

The day I watched Marie Forleo's film separating the important from the urgent, my life changed. Not all remote jobs start fast, but most of them are...

9. HOW DO YOU PREPARE FOR A MEETING AND PREPARE A MEETING? WHAT DO YOU SEE HAPPENING DURING THE MEETING?

Just as communication is essential when working remotely, so is organization. Because you won't have those opportunities in the elevator or a casual conversation in the lunchroom, you should take advantage of the little time you have in a video or phone conference...

10. HOW DO YOU USE TECHNOLOGY ON A DAILY BASIS, IN YOUR WORK AND FOR YOUR PLEASURE?

This is a great question because it shows your comfort level with technology, which is very important for a remote worker because you will be working with technology over time...