Head of Cybersecurity

Seeking a dynamic and experienced Head of Cybersecurity to lead our organization's enterprise-wide cybersecurity strategy. This leadership role requires a proven track record in managing end-to-end cyber risk, security operations, and compliance frameworks within a regulated environment, ideally in banking or financial services. The candidate will be responsible for safeguarding critical infrastructure, systems, and data while aligning security initiatives with business goals. This position reports directly to the Chief Digital Officer.

Key Responsibilities:

• Develop and execute a comprehensive, enterprise-level cybersecurity strategy that supports organizational goals and regulatory compliance.

• Lead and mentor a cybersecurity team responsible for threat detection, incident response, vulnerability management, and security architecture.

• Drive implementation of advanced cyber risk controls, including Data Loss Prevention (DLP), Endpoint Detection & Response (EDR), and SIEM solutions.

• Oversee Identity and Access Management (IAM) governance and ensure secure access across enterprise systems.

• Establish and enforce security policies, incident response plans, and regulatory compliance (e.g., ISO 27001, NIST, PCI-DSS).

• Manage security operations, audits, risk assessments, and remediation initiatives across all IT assets.

• Stay abreast of evolving cyber threats, regulatory mandates, and security best practices to ensure continuous improvement.

• Collaborate with business, IT, and risk stakeholders to embed cybersecurity principles into enterprise initiatives and digital innovation efforts.

Required Skills & Experience:

• 15+ years of progressive experience in cybersecurity, with at least 3 years in a leadership capacity overseeing enterprise-level security.

• Strong knowledge of security frameworks (e.g., NIST, ISO 27001, COBIT), regulatory compliance, and industry best practices.

• Demonstrated expertise in DLP, IAM, security operations, and incident response.

• Prior experience within Banking, Insurance, or Financial Services is highly preferred.

• Strong leadership and cross-functional stakeholder management skills.

• Deep understanding of Malaysian regulatory frameworks and data protection laws.

• Professional certifications such as CISSP, CISM, CISA are highly desirable.

• Bachelor's or Master's degree in Cybersecurity, Information Security, Computer Science, or a related field.