Regional Chief Information Security Officer (CISO)

About the role

We are looking for an experienced Regional Chief Information Security Officer to shape and execute our cybersecurity, technology risk, and information security strategy across multiple jurisdictions. The role combines strategic leadership with hands‑on operational expertise in a highly regulated environment.

Key responsibilities

• Define and implement a regional cybersecurity and information security strategy aligned with business and technology goals.
• Establish governance frameworks, policies, standards and controls (MAS TRM, NIST, ISO 27001, CIS).
• Lead security transformation across cloud, infrastructure, applications, data and operational environments.
• Oversee technology risk management, including cloud security, IAM, third‑party risk, SDLC governance and incident management.
• Direct security operations, threat detection, incident response, vulnerability management and cyber‑defence capabilities.
• Act as trusted advisor to senior management, board members, regulators and auditors.
• Partner with Technology, Risk, Compliance, Legal, Operations and Business teams to embed security into enterprise initiatives.
• Provide leadership for cloud adoption, digital transformation, AI/GenAI, DevSecOps and infrastructure modernisation.

Required profile

• Proven senior leadership experience in cybersecurity and technology risk within a regulated environment.
• Strong stakeholder management and ability to engage with regulators, auditors and board members.
• Strategic thinker with a track record of delivering security transformation programmes.

Required skills

• MAS TRM
• NIST framework
• ISO 27001
• CIS Controls
• Cloud security
• Identity and Access Management (IAM)
• Third‑party risk management
• SDLC governance
• Incident management
• Threat intelligence
• Security monitoring
• AI/GenAI security considerations
• DevSecOps
• Infrastructure modernisation