Head of Information Security at SeamlessHR Limited

Job Responsibilities:

• Champion and implement the goals of the information security department to build secure products and infrastructure, and maintain secure people operations,  
• Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program.
• Work directly with groups and departments to raise awareness of risk management concerns and to facilitate risk assessment and risk management processes.
• Manage and enhance the ISO27001 information security management framework.
• Formulate and enforce secure cloud security governance which include cloud security policies where required. 
• Manage and coordinate all internal processes and operations to ensure compliance with data protection regulations (GDPR, KDPR, NDPR) in all the regions we operate. 
• Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems, and services.
• Provide leadership to the enterprise's information security initiatives and projects,
• Coordinate the overall vulnerability management program to ensure all our systems and infrastructure are secure at all times. 
• Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems. 
• Supporting the business in delivering quality and compliance to address and mitigate information security and business risks. 
• Promoting responsible behavior by improving the culture internally to ensure all staff are protecting against possible security incidents. 
• Continuous improvement by ensuring security updates is implemented as at when necessary. 
• Lead a team of information security experts to execute the mission of the information security department.  
• Apply and promote SeamlessHR culture and core values at all times. 
• Undertake ad hoc duties as required.  

Requirements

Behavioural:

• Critical strategic thinking  
• Proactive and paranoid 
• Strong communication skills 
• Good stakeholder and project management  

Functional/Technical:

• Minimum 5-year work experience in cybersecurity leadership or management roles.  
• B.Sc. in Computer Science, Cybersecurity Information technology or any relevant field; M.Sc. would be a great addition.  
• Knowledge of information security management frameworks Security certification and training: CISSP, CISM, ISO22301 (BCMS), CDPO or  any related cybersecurity certifications. 
• Understanding of cloud security governance and virtualization technology. 
• Expertise in organizational IT security risk and vulnerability management 
• Leadership and management of a team of information security experts. 
• Completion of information security projects with key value add to the organization’s corporate goals. 
• Working knowledge of cybersecurity of generative artificial intelligence implementation in emerging technologies. 
• Working experience with compliance to data protection regulations relevant  to the organization e.g. GDPR 
• Demonstrated on-the-job knowledge and experience with developing and reviewing security concept of operations, systems security plans, security control assessments, contingency plans, configuration management plans, incident response plans, plan of actions and milestones, risk management plans, vulnerability management plans.  
• Business process understanding, able to understand general business operation activities to avoid business down time.  
• Outstanding negotiation skills for negotiating contracts and IT support services to be rendered.  
• Outstanding collaboration, communication, and presentation skills.  
• A team player with excellent leadership skills.