Key Responsibilities:
Strategic Direction & Policy Framework
- Define, develop, and maintain a business-aligned Information and Cybersecurity strategy.
- Establish and embed an Information Security Policy Framework that complies with industry standards and legal requirements.
- Advise senior leadership on integrating security practices into business operations.
Leadership & People Management
- Build, lead, and retain a high-performance Information Security team.
- Foster a culture of innovation, collaboration, and continuous improvement.
- Set clear strategic plans, budgets, and performance targets for the Information Security function.
Risk Management & Security Operations
- Provide oversight of enterprise information and cybersecurity risk management.
- Manage security risks related to suppliers and delivery partners.
- Develop and maintain an Information Security Management System (ISMS) with processes for continual improvement.
Compliance & Incident Management
- Ensure compliance with relevant laws, regulations, and standards, including ISO 27001 and PCI DSS.
- Direct investigations into security breaches and coordinate with data protection teams on legislative requirements.
- Promote a strong security culture throughout the organization.