IT Security & Governance Lead

Job Title: Head of ITSEC & Governance

Reports To: CEO, Linnnk Group

Location: Linnk India, Kochi

Job Overview

The Head of IT Security & Governance is responsible for designing, leading, and maturing Linnk Group's security, governance, and infrastructure oversight across all global operations and digital products. This role integrates:

• ITSEC (IT Security) safeguarding corporate systems, cloud environments, networks, data, identities, and all Linnk IQ SaaS products.
• ITGOV (IT Governance) establishing the frameworks, standards, processes, controls, and operational governance that ensure stability, compliance, and resilience.

The role ensures that Linnk Group operates on a secure, compliant, resilient, and scalable technology foundation, while enabling the development and delivery of Linnk IQ (LinnkUp ERP, LinnkMe CRM/ATS, LinnkUS Comms Hub, and future platforms).

This position is central to protecting the organisation, enabling digital transformation, ensuring enterprise-readiness, and supporting global expansion.

Qualifications

• Bachelor's degree in IT, Computer Science, Cybersecurity, Engineering, or related field.
• Master's degree preferred.

Professional Certifications (Strongly Preferred)

Security

• CISSP
• CISM
• CCSP
• ISO 27001 Lead Implementer / Lead Auditor

Governance

• COBIT
• ITIL Foundation / Practitioner
• ISO 38500 or equivalent

Additional Advantage

• AWS Cloud (Architect/Security)
• ISO 22301 (Business Continuity)
• ISO 31000 (Risk Management)

Experience

The ideal candidate brings:

• 1215+ years of leadership experience in IT security, governance, operations, and infrastructure oversight.
• Proven experience designing and implementing security and governance frameworks from the ground up.
• Experience securing cloud-native SaaS products and enforcing secure SDLC and DevSecOps.
• Strong background managing networks, cloud, data centres, DR environments, and enterprise IT systems.
• Successful delivery of compliance certifications (ISO 27001, SOC 2, GDPR readiness).
• Experience working across multi-site, multi-region organisations.
• Strong vendor, contract, and third-party governance experience.
• Ability to build internal capability, lead teams, and manage stakeholders up to Board level.

Responsibilities

A. IT SECURITY (ITSEC)

1. Cybersecurity Strategy & Risk Governance

• Develop and maintain Linnk's global cybersecurity strategy, aligned with business growth and SaaS evolution.
• Build and enforce enterprise-wide security frameworks, standards, baselines, and controls.
• Establish risk governance, conduct regular risk assessments, maintain the security risk register.
• Lead cybersecurity steering committees, present security posture and risks to the CEO and Board.

2. Infrastructure, Network & Cloud Security

• Govern security across cloud environments (AWS), on-prem structures, corporate office networks, and hybrid systems.
• Define secure configurations for firewalls, routers, switches, Wi-Fi, endpoints, servers, and cloud workloads.
• Oversee patching, vulnerability management, penetration testing, and infrastructure hardening.
• Implement Zero-Trust principles across networks, devices, identity, data, and SaaS environments.

3. SaaS Application & Platform Security (Linnk IQ Products)

Oversight of security for all products:

LinnkUp ERP

Finance, HR, operations, consultant workflows.

LinnkMe CRM/ATS

Candidate, client, and sales intelligence data.

LinnkUS Comms Hub

Messaging, automation, omni-channel workflows.

• Embedding secure SDLC and DevSecOps into Engineering processes.
• Overseeing SAST, DAST, SCA, dependency scanning, container security.
• Leading threat modelling, API security, encryption governance, tokenisation.
• Ensuring multi-tenant isolation, RBAC/ABAC enforcement, segmentation.
• Ensuring enterprise-readiness for security questionnaires, audits, and compliance checks.

4. Data Security, Privacy & Compliance

• Implement data classification, retention, encryption, masking, and secure handling frameworks.
• Ensure compliance with ISO 27001, SOC 2, GDPR, DPDP (India), CERT-In, and client-driven standards.
• Oversee DR/BCP strategy: backup governance, failover planning, resilience testing, recovery.
• Own privacy governance for personal data across systems, tools, and SaaS platforms.

5. Security Operations, Monitoring & Incident Response

• Build/oversee a hybrid SOC with SIEM, SOAR, EDR, UEBA, threat intelligence tools.
• Lead threat hunting, red-team/blue-team exercises, continuous vulnerability scanning.
• Manage the full incident response lifecycle: detection, containment, eradication, RCA, improvement.
• Maintain and test security playbooks, crisis communications, escalation protocols.

6. Identity, Access & Privilege Governance

• Govern SSO, MFA, device trust, conditional access, privileged access management.
• Oversee user lifecycle automation across corporate and product environments.
• Conduct periodic access reviews, privilege audits, and SoD (Segregation of Duties) assessments.

B. IT GOVERNANCE (ITGOV)

1. Enterprise Governance Frameworks & Policy Leadership

• Establish Linnk's global IT governance framework aligned with COBIT, ISO 27001, ISO 38500, ITIL, and modern governance principles.
• Develop and maintain IT policies, SOPs, standards, approval matrices, and control frameworks.
• Lead governance audits, compliance cycles, internal reviews, and remediation plans.
• Ensure standardisation across offices, functions, platforms, and engineering teams.

2. IT Service Management (ITSM) & Operational Governance

• Govern IT operations including endpoint management, service desk, office IT, and user support.
• Implement ITIL processes: incident, problem, change, release, asset, configuration, service request fulfilment.
• Drive operational efficiency, uptime, performance, and support quality.

3. Infrastructure & Platform Governance

• Define governance for networks, cloud, data centres, DR sites, and office infrastructure.
• Implement lifecycle management for hardware, software, licensing, and capacity planning.
• Govern alignment of infrastructure with security frameworks, resilience expectations, and budget constraints.

4. Vendor, Contract & Third-Party Governance

• Evaluate, appoint, and govern vendors across cloud, infrastructure, software, security, and MSP services.
• Conduct security and operational due diligence for all third parties and integrations.
• Maintain vendor performance dashboards, SLA adherence, renewal cycles, and contract compliance.
• Ensure third-party integrations with Linnk IQ meet security and governance requirements.

5. Business Continuity, Operational Resilience & Enterprise Risk

• Own enterprise-level BCP/DR frameworks, testing cycles, and resilience models.
• Maintain technology risk registers, mitigation plans, and executive reporting structures.
• Lead scenario-based resilience testing and continuously improve operational continuity.

6. Governance for Emerging Technologies & AI-Enabled Systems

• Apply security and governance frameworks to AI-assisted systems and automation tools.
• Govern responsible use of AI across data flows, model interactions, and product integrations.
• Conduct vendor and model risk assessments without requiring AI engineering expertise.
• Ensure transparency, audit trails, and safe adoption of emerging technologies.

Key Skills

• Cybersecurity leadership & strategy
• Secure architecture (cloud, network, SaaS)
• DevSecOps, secure SDLC, automation of security controls
• Data protection & privacy management
• Policy governance & framework creation
• IT service management (ITIL)
• Risk assessment, compliance, and audit readiness
• Incident response & crisis command
• Vendor governance & contract control
• Business continuity & resilience engineering
• Executive communication & board reporting
• Ability to scale governance globally

Join us at Linnk Group and play a pivotal role in shaping the future of the technology market! Apply now for the Head of ITSEC & Governance position.