Head of Information Security

About the role

The Head of Information Security will lead the development, implementation and maintenance of the organization’s information security program. This role monitors data flows, oversees network activities, and ensures the security infrastructure remains robust and up‑to‑date.

Key responsibilities

• Spearhead the creation of information security governance documents and obtain management endorsement for policies, standards and procedures.
• Develop and execute a comprehensive cybersecurity strategy aligned with organizational objectives.
• Supervise the implementation of cybersecurity programs, projects and initiatives, ensuring adherence to timelines, budgets and quality standards.
• Manage vendor relationships, assess and select third‑party providers to meet security requirements.
• Identify, evaluate and procure appropriate cybersecurity tools and solutions.
• Develop and manage the cybersecurity budget, allocating resources to initiatives and projects.
• Conduct audits to identify business practices needing security attention.
• Establish standardized security testing methods and review processes based on risk management strategy.
• Regularly assess and update incident response plans against industry best practices.
• Record and analyze cybersecurity incidents, threats, risks and controls.
• Generate performance reports and dashboards from security event analysis.
• Set up KPIs and metrics to evaluate the effectiveness of cybersecurity initiatives and present findings to senior management.

Required profile

• Proficient and knowledgeable in information security concepts and practices.
• Demonstrated experience leading the creation, execution and upkeep of an organization’s security program.
• Strong ability to communicate the benefits and costs of security policies to senior management.
• Experience managing vendor relationships and security budgets.
• Capability to conduct audits, risk assessments and incident response testing.

Required skills