Job Summary
We are seeking an Information Security Officer to oversee the regional information security program and ensure alignment with global security policies, regulatory requirements, and industry best practices. This role partners closely with the Regional CTO and Group CISO organization to support security governance, risk management, and implementation of enterprise cybersecurity initiatives.
The Information Security Officer will act as a key liaison between regional IT teams, global security leadership, and regulatory stakeholders to ensure effective protection of information assets and adherence to security frameworks.
Key Responsibilities
- Support the implementation of the organization’s information security strategy and global security initiatives within the region
- Ensure regional IT and security practices align with corporate policies, standards, and regulatory requirements
- Identify, assess, and manage information security risks and remediation activities
- Oversee vulnerability management across infrastructure, applications, and endpoints
- Conduct security risk assessments, audits, and compliance reviews
- Manage third-party security risk assessments and vendor risk oversight
- Support security incident response and coordinate with global security teams when incidents occur
- Oversee access reviews, data protection initiatives, and data loss prevention (DLP) programs
- Deliver security awareness and training programs across the organization
- Provide reporting and updates on security posture, risks, and remediation efforts to leadership
- Support regulatory reviews and security assessments with external regulators or auditors
Qualifications
- 10+ years of experience in information security, cybersecurity, or IT risk management
- Strong knowledge of security governance, risk management, and compliance frameworks
- Experience implementing or supporting enterprise security programs and controls
- Familiarity with vulnerability management, security incident response, and vendor risk management
- Strong communication and stakeholder management skills
- Experience working within regulated industries (financial services preferred)
- Professional certifications such as CISSP, CISM, or CRISC are a plus
Education
Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field (or equivalent professional experience).
