Our client is looking for a Chief Information Security Officer (CISO) to provide the leadership to enhance, develop and implement the information security strategies and related policies within the organization.

Mandatory Skill(s)

  • Degree in Cyber / Information Security or Computer Science or Computer Engineering;
  • At least 10 years of management experience in the area of information security, policies and procedures;
  • Possess working experience in areas of cyber security governance and risk management, proactive cyber security defence and investigation in a complex IT environment;
  • Competent in large-scale project, vendor risk management, business continuity planning, incident response and crisis management;
  • In-depth understanding of both IT and business processes and the relationship between them;
  • Good verbal and written communication skills to present and articulate complex issues as well as to influence and convince stakeholders at every level;
  • Excellent interpersonal skills to collaborate effectively with cross-functional, multi-disciplined teams and gain consensus in change implementation and enforcement of security policies and procedures.

Desirable Skill(s)

  • CISM, CISSP, CGEIT, CISA, GSEC certification;
  • Good understanding of international security standards such as ISO27001/27002.


  • Spearhead the establishment of a well-defined information security governance framework with goals, strategies, policies, compliance monitoring, crisis management processes, action plans, best practices, awareness and education programs;
  • Drive the cyber security risk assessment initiatives to identify the various information assets and process gaps that can lead to vulnerabilities to cyber attack and develop well-documented processes and policies to preempt and mitigate risks;
  • Facilitate and collaborate with cross-functional stakeholders to form a cyber security culture across the entire organization, from stakeholders to end users and information technology professionals, to drive awareness among people and shape their attitude towards risk acceptance and incident response;
  • Review, improve and endorse security policies, implement technical controls, audits and assessments to ensure compliance;
  • Align information technology (IT) needs of business units with the strategic cyber security direction of the organization;
  • Propose appropriate cyber security solutions and technologies to management and obtain approval for the implementation;
  • Keep abreast of emerging threat factors and fast changes in the technological landscape, and continually push for work culture transformation to achieve early detection and readiness to respond to cyber security incidents.