Global Head Of Security

DayOne is a leading developer and operator of high-performance Data Centres in Asia Pacific. The largest carrier-neutral Data Centre service provider in Asia and one of the fastest growing in the world with a presence in Hong Kong, Singapore, Malaysia, Indonesia, Thailand and Japan.

DayOne is on an exciting trajectory, expanding markets internationally and looking for talented individuals who are passionate about growing with us. In this role, you'll have the opportunity to be at the forefront of our expansion efforts.

POSITION OVERVIEW

Reporting to the SVP Data Centre Operations, the Global Head of Security is responsible for developing, implementing, and overseeing comprehensive security strategies across DayOne’s global portfolio, starting with a strong initial focus on Southeast Asia. This strategic role covers physical security, cybersecurity, geopolitical risk, and operational resilience, ensuring our hyperscale data centres are protected, compliant, and prepared for rapid global expansion.

The role will also support global site selection and early-stage development, embedding TVRA (Threat, Vulnerability & Risk Assessment) and local threat intelligence into real estate decisions, with the intent to scale a repeatable security model as the business grows into Europe, the Middle East, and North America.Reporting to the SVP Data Centre Operations, the Head of Security is responsible for developing, implementing, and overseeing comprehensive security strategies to protect the data centre’s physical assets, IT infrastructure, and personnel.

This role requires a strategic leader with deep expertise in security protocols, risk management, and regulatory compliance, ensuring the facility operates securely and efficiently in a hyperscale environment.

RESPONSIBILITIES

Security Strategy and Leadership:

• Develop and execute a holistic security strategy aligned with the company’s objectives, covering physical security, cybersecurity, and operational resilience.

• Lead and mentor a team of security professionals, fostering a culture of vigilance, accountability, and continuous improvement.

• Serve as the primary point of contact for all security-related matters, liaising with senior management, clients, and external stakeholders.

Physical Security:

• Oversee the design, implementation, and maintenance of physical security systems, including access control, surveillance (CCTV), intrusion detection, and perimeter protection.

• Ensure robust security protocols for personnel, vendors, and visitors, including background checks, badge systems, and on-site monitoring.

• Coordinate with local law enforcement and emergency responders to address potential threats or incidents.

Cybersecurity:

• Collaborate with IT and network teams to safeguard critical systems, ensuring protection against cyber threats, data breaches, and unauthorized access.

• Implement and enforce policies for network security, encryption, endpoint protection, and incident response.

• Conduct regular vulnerability assessments and penetration testing to identify and mitigate risks.

Compliance and Risk Management:

• Ensure compliance with industry standards (e.g., ISO 27001, SOC 2, PCI DSS) and regional regulations relevant to data centre operations.

• Develop and maintain disaster recovery and business continuity plans to minimize downtime during security incidents or natural disasters.

• Conduct regular audits and risk assessments to proactively address vulnerabilities.

• Integrate TVRA findings into ongoing risk posture assessments and strategic reviews of site vulnerabilities.

Incident Response and Crisis Management:

• Establish and lead an incident response team to handle security breaches, emergencies, or other critical events.

• Investigate security incidents, document root causes, and implement corrective actions to prevent recurrence.

• Provide post-incident reports and recommendations to senior management.

Vendor and Stakeholder Collaboration:

• Assist in managing relationships with third-party security vendors, ensuring service level agreements (SLAs) are met.

• Work closely with cross-functional teams (Operations, IT, Legal, HR) to align security initiatives with business goals.

• Educate employees and contractors on security best practices through training and awareness programs.

Strategic Risk Intelligence and Site Selection:

• Contribute to the early-phase evaluation of new data centre locations by conducting Threat, Vulnerability, and Risk Assessments (TVRA) in line with global standards.

• Assess and report on geopolitical risks, crime levels, terrorism threats, civil unrest, and proximity to critical infrastructure or hazards (e.g., airports, fault lines, flood zones).

• Partner with Real Estate, Legal, and Government Affairs teams to advise on local law enforcement capability, regulatory landscapes, and jurisdictional risk implications.

• Maintain a network of security and intelligence partners to provide ongoing regional threat updates and horizon scanning to support global expansion strategies.

CANDIDATE REQUIREMENTS

• Experience: Minimum of 10 years in security management, with at least 5 years in a leadership role within a hyperscale data centre or critical infrastructure environment.

• Experience with multinational security operations or transitioning a regional programme into a global model is highly desirable.

• Experience in supporting site due diligence, land acquisition, or development phases from a security perspective is highly advantageous.

• Technical Expertise:

o Deep knowledge of physical security systems (e.g., biometrics, CCTV, alarm systems).

o Proficiency in cybersecurity frameworks, threat intelligence, and IT infrastructure protection.

o Familiarity with compliance standards (e.g., ISO 27001, PCI DSS, GDPR).

• Leadership Skills: Proven ability to lead teams, manage budgets, and drive security initiatives across large organizations.

• Analytical Skills: Strong problem-solving abilities to assess risks and implement effective countermeasures. A demonstrated ability to assess macro-level risks, such as geopolitical shifts and regional instability, and translate these into tactical security measures.

• Communication: Excellent verbal and written communication skills for reporting to executives and collaborating with stakeholders.

• Certifications: Preferred certifications include CISSP, CISM, CPP, or equivalent.

DESIRED ATTRIBUTES

• Experience working across multiple jurisdictions, with deep knowledge of Asia-Pacific security regulations and an appreciation for regional nuances in Europe, the Middle East, and North America.

Experience working in multinational environments with knowledge of Asia-Pacific security regulations.

• Familiarity with global TVRA methodologies (e.g., ISO 31000, ASIS TVRA frameworks).

• Understanding of international relations, regional politics, or conflict zones impacting the Asia-Pacific data centre landscape.

• Background in military, law enforcement, or intelligence agencies is a plus.

• Track record of innovating security processes and leveraging emerging technologies (e.g., AI for threat detection).