Head of Information Security

About the job Head of Information Security

A leading E&P Company invites applications for the position of Head of Information Security.

Bachelor's degree in Information Security/Cyber Security/Engineering (Electrical/Electronics/Telecom/Computer/System/Software/)/Computer Science/IT OR M.Sc. (Computer Science)/MS Information Security/ Cyber Security/MCS/MIT. Degree must be recognized from HEC/PEC.

CISSP/CISM is mandatory, candidates possessing relevant advanced certifications like CISA, CRISC, CEH, ISO/IEC 27001 Lead Implementer/Auditor will be preferred.

At least 14 years of relevant experience in information technology and cybersecurity preferably having prior experience of heading an Information Security Function along with OT infrastructure.

The Head of Information Security will lead the enterprise-wide cybersecurity and industrial control systems (ICS/OT) security strategy. The role is responsible for ensuring the confidentiality, integrity, and availability of IT and OT assets. The Head of Information Security must align security efforts with global standards while fostering a cyber‑resilient culture.

• Develop and implement cybersecurity & OT security strategy covering IT/OT Infrastructure, aligned with the business, operational, and regulatory objectives.
• Build /enhance Security Operations Center (SOC) to support 24/7 incident detection and response.
• Lead enterprise-wide implementation of cybersecurity governance frameworks, policies and control mechanisms.
• Identify and prioritize protection of Critical Information Infrastructure (CII).
• Develop a real‑time threat intelligence and monitoring capability.
• Lead the organizations Disaster Recovery (DR) and Business Continuity Planning (BCP) as per global standards.
• Present cybersecurity posture, risks, and investment requirements to the top management.
• Establish and maintain ISMS in line with ISO/IEC 27001:2022 and risk assessments per ISO 31000.
• Develop and test Cyber Incident Response Plans (CIRP).
• Drive Cybersecurity awareness and training programs specific to IT/OT cyber risks.
• Develop and enforce network segmentation and access controls between IT and OT environments.

• The initial term of employment will be three (03) years extendable by mutual consent.
• In case of foreign degree, an equivalence certificate from HEC must be provided.
• Only shortlisted candidates will be called for evaluation/assessment.
• The Company reserves the right to fill or not to fill the advertised position.
• No TA/DA will be admissible for evaluation/assessment.

The candidate should not be more than 50 years of age as of last date of submission of application.

If you have the required experience and educational qualification to take up the challenging role, you are requested to apply by November 30, 2025 at http://jobs.hrs-int.com/

Only shortlisted candidates will be contacted. www.hrs-int.com