Head of Group Cybersecurity & Information Security (SVP Grade)

The Enterprise Head of Group Cybersecurity & Information Security is a strategic leadership role responsible for safeguarding the banks digital assets, customer data, and infrastructure across all entities and geographies. The position ensures regulatory compliance and drives cybersecurity maturity aligned with business goals.

Responsibilities

• Develop and execute group-wide cybersecurity strategy
• Lead Information Security Committee and report to Board/ExCo
• Ensure compliance with global and local regulations (BNM, MAS, GDPR, etc.)
• Maintain cybersecurity policies and standards
• Oversee SOC, threat intelligence, incident response
• Implement resilience measures (red-teaming, crisis simulations)
• Drive advanced security technologies (AI, Zero Trust, cloud security)
• Manage Information Security Risk Register
• Collaborate with Audit and Risk for control assurance
• Ensure secure design in digital initiatives and vendor risk management
• Align cybersecurity with data governance and privacy laws
• Implement DLP, data classification, and customer data protection controls
• Lead global cybersecurity teams
• Promote security-first culture and executive engagement
• Mentor future cybersecurity leaders

Requirements:

• 3-5 Year Cybersecurity Strategy & Roadmap
• Quarterly Board/ExCo Risk Reports
• Regulatory & Standards Compliance Certifications
• Annual Incident Response & Crisis Simulation Results
• Cybersecurity Capability Maturity Improvements
• Bachelors/Masters in Cybersecurity or related field
• 15+ years in InfoSec, 5+ years in senior banking leadership
• Deep knowledge of financial regulations (BNM RMiT, MAS TRM, GDPR, etc.)
• Certified in CISSP, CISM, CISA, CRISC, CCISO, SABSA, ISO 27001 LA
• Proven board-level engagement and stakeholder management
• Strategic vision and leadership
• Regulatory and risk management expertise
• Crisis resilience and ethical integrity
• Board-level influence and multicultural team leadership