Chief Information Security Officer (JD#10587)

Job Summary

We are seeking a Chief Information Security Officer (CISO) to drive cybersecurity resilience, governance, operations, engineering, and testing across both on-premises and major cloud platforms.
This role will ensure security is embedded and uplifted throughout the organization's digital transformation journey, with a strong focus on policy formulation, enforcement, and ecosystem development through close collaboration with internal and external teams.

Mandatory Skills

• Degree in Computer Science, Information Systems, Engineering, or related tech field;
• Must have more than 8 years of experience in information security, security policies, ICT operations, business processes including management experience;
• Having exposure and experience in cybersecurity governance frameworks, security operations including incident response, architecture design and threat risk assessment, and security testing is important for this role;
• Must have experience in both on-prem and cloud security environments;
• Skilled in security-by-design, system architecture reviews, and DevSecOps practices;
• Proficient with Infrastructure as Code (IaC) tools and securing CI/CD pipelines;
• Deep understanding of cloud models (IaaS, PaaS, SaaS) and modern cloud-native architectures (e.g. serverless, containers, microservices);
• Able to identify and assess cybersecurity threats across on-prem and cloud environments;
• Experience in evaluating security controls and recommending mitigation strategies;
• Strong background in ICT operations, security policies, and business processes;
• Proven ability to lead multi-functional, cross-disciplinary teams;
• Knowledgeable in compliance requirements; able to identify violations in IT environments;
• Strong interpersonal and executive stakeholder management skills;

Desired certifications/skills

• Relevant certifications (CISSP, CISM, CISA, GSEC);

Responsibilities

• Drive the organisation’s overall cybersecurity strategy, policies, and governance;
• Lead cybersecurity efforts that support digital transformation while ensuring strong cyber resilience;
• Oversee risk assessments, mitigation plans, and compliance with national frameworks;
• Provide strategic and technical guidance on secure architecture, security technologies, and DevSecOps practices;
• Collaborate with internal teams and external vendors to manage IT security operations;
• Lead incident response planning, conduct exercises, and manage real-world cyber incidents;
• Strengthen cloud and on-premise security posture aligned with government best practices;
• Champion secure-by-design principles across systems and product development;
• Build and maintain cybersecurity awareness and training programs across the agency.

An Equal Employment Opportunity employer. We are committed to diversity and inclusion in the workplace.