In this role, you will be the core driver of our cybersecurity posture. You will look at our systems from the perspective of an attacker to ensure our defenses are unbreakable and our data is safe. Your main responsibilities will include: 
Conducting Comprehensive Audits: You will lead regular, rigorous cyber, data, and information security audits across the entire organization. For example, you will review our cloud infrastructure, JAM (Identity and Access Management) protocols, and internal databases to ensure sensitive customer data is strictly protected and compliant with global standards. 
Managing Security Incidents & Corrective Actions: You will deeply review any security incidents or breaches to find the exact root cause. More importantly, you will relentlessly follow up on corrective and preventive actions. For example, if an audit reveals that employees are using weak passwords, you will follow up until a mandatory Multi-Factor Authentication (MFA) policy is fully enforced. 
Running Cyber Simulations (Dry-Runs): You will design and conduct security dry-runs and tabletop exercises to keep our teams sharp. For example, you will simulate a live ransomware attack to test exactly how quickly our IT Delivery teams and business leaders respond, communicate, and recover the systems. 
Championing Secure Architecture: You will act as the bridge between development and operations, applying your DevSec knowledge to ensure that every new tool or system we deploy has security baked in from the very beginning. 
Acting as a Security Advisor: You will serve as a consultant to IT and business leaders. For example, before the company buys a major new software system, you will review the vendor's security architecture and advise management on the potential risks before the contract is signed. 
Reviewing Incidents & Corrective Actions: When a security breach happens, you will independently review the incident to find the root cause. You will then track IT's progress on fixing it. For example, if an audit reveals employees have weak passwords, you will formally issue a corrective action plan and follow up with IT until Multi-Factor Authentication (MFA) is fully enforced. 
 

•    5+ years of hands-on experience specifically in cyber security, data security, and information security auditing.
•    Required Certifications: You must hold a valid CISA (Certified Information Systems Auditor) certification and possess deep, practical knowledge of the NIST Cybersecurity Framework.
•    DevSecOps Expertise: Sound knowledge of DevSec practices. For example, you know how to integrate security checks directly into the software development process so that new applications are built secure from day one.
•    Strong Stakeholder & Team Management: Proven ability to lead teams and manage business relationships. For example, you can confidently explain a complex network vulnerability to a non-technical business executive and secure their buy-in to fix it.
•    Independent Problem Solver: Highly capable of working independently in a fast-paced, challenging environment. For example, if a new global software vulnerability is announced on a weekend, you take the initiative to assess our exposure without waiting for top-down instructions.

•    Experience working in complex corporate environments undergoing digital transformation is highly desired.
•    Exceptional ability to remain calm, decisive, and communicative during high-pressure cyber incidents.

As per company policy.