Job Description

Job Purpose:

This role will be reporting to the Head of GTT and is responsible to

drive cybersecurity consolidation and alignment across the group's diverse operating companies (OpCos)

. This role will lead efforts to standardize, centralize, and optimize cybersecurity capabilities, tools, and frameworks -- ensuring a consistent security posture while enabling flexibility for industry-specific regulatory and operational needs.

Key Responsibilities:

1. Cybersecurity Strategy & Consolidation

Develop and lead the group-wide cybersecurity consolidation strategy, identifying opportunities for shared services, tooling, and governance across OpCos. Define and roll out baseline cybersecurity controls, frameworks, and maturity models adaptable to various industry needs. Consolidate or rationalize key cybersecurity services and platform (e.g., SIEM, endpoint protection, identity & access management, vulnerability scanning, threat intelligence).

2. Program Execution & Governance

Lead implementation of group-wide cybersecurity initiatives such as: Unified security operations (SOC/SIEM) Common identity and access management (IAM) strategy Consolidated incident response protocols Establish and maintain cybersecurity governance structures, policies, and KPIs across OpCos. Drive periodic group-wide risk assessments, audits, and compliance reporting (e.g., PDPA, ISO 27001, NIST, CIS).

3. Cross-OpCo Collaboration & Enablement

Work closely with OpCo CISOs, IT heads, and risk officers to align on priorities and implement group-wide solutions while accommodating local compliance and business needs. Facilitate knowledge sharing, threat intelligence exchange, and collective defence mechanisms across industries. Identify opportunities to rationalize cybersecurity vendors, reduce overlapping tools, and consolidate licensing or managed service contracts.

4. Awareness, Training & Culture

Lead group-wide cybersecurity awareness, training, and simulation programs to strengthen the human firewall. Promote a security-by-design culture across IT and business teams.

Requirements:

Bachelor's degree or master's degree in Cybersecurity, Information Technology, or related field. 8+ years of experience in cybersecurity leadership, preferably in multi-entity or group-level environments. Strong track record in cybersecurity consolidation, governance, and multi-stakeholder program delivery. Expertise in cybersecurity controls, frameworks, and standards (NIST, ISO 27001, CIS), tools (e.g., Splunk, CrowdStrike, Microsoft Defender, Okta), and risk management. Experience navigating cybersecurity across regulated and diverse industries (Finance, automotive, hospitality) Strong leadership, stakeholder management and communication skills Familiarity with cybersecurity compliance across multiple regulatory environments (e.g., Cybersecurity Act 2024, PDPA, GDPR, BNM RMiT).
Job Types: Full-time, Permanent

Benefits:

Additional leave Dental insurance Free parking Health insurance Maternity leave Opportunities for promotion Professional development
Work Location: In person