Head of Security and Information Technology

Reports To:

Location:

Span of Control:

About the Role

We are seeking a seasoned IT & Security leader to lead, unify, and scale our security organization. This person will define and own the security vision, strategy, and execution roadmap protecting data, operations, and reputation across geographies and technology stacks. You will partner with executive leadership and align security goals with business growth.

Key Responsibilities

• Define, implement, and evolve a comprehensive security strategy that maps to business priorities.
• Lead the design and operation of the security organization: SOC, threat detection, incident response, forensics, and security engineering.
• Conduct enterprise risk assessments, vulnerability management, penetration testing, and gap analyses.
• Oversee identity and access management, encryption, key management, data protection and privacy controls.
• Collaborate with engineering, product, infrastructure, and operations teams to embed security in design, development, and deployment (DevSecOps).
• Manage third-party / vendor security and supply chain risk.
• Establish, monitor, and report on metrics, KPIs, and KRIs to executive leadership and the Board.
• Engage in compliance, audit, and regulatory initiatives.
• Define and lead incident response procedures, crisis management, post-incident review, communication and remediation.
• Cultivate a security-aware culture through training, awareness programs, simulations, and communication.
• Lead IT infrastructure design and delivery across data centers, cloud environments, and hybrid setups.
• Oversee hardware lifecycle management, virtualization, and automation initiatives.
• Manage network architecture, including LAN/WAN, VPN, SASE, SD-WAN, and secure edge access.
• Drive cost optimization, automation, and cloud-first adoption.
• Maintain BCP/DR frameworks ensuring RPO/RTO adherence for mission-critical systems.
• Conduct periodic DR tests and validate failover strategies.

Qualifications & Experience

• 12+ years overall experience in information security / cybersecurity; 5+ years in senior leadership roles.
• Proven track record scaling security in a technology / product / SaaS environment.
• Deep technical expertise with modern security technologies and architectures: IAM, encryption, network security, cloud security, application security, SIEM/EDR, etc.
• Experience with compliance, audits, privacy law, and regulatory regimes.
• Excellent strategic thinking, leadership, stakeholder management, and communication skills.
• Relevant certifications preferred: CISSP, CISM, CCSP, ISO 27001, cloud security certifications.

Preferred Skills & Attributes

• Ability to translate technical risk into business impact and influence senior stakeholders.
• Hands-on approach combined with strategic oversight.
• Experience in global / multi-region operations and cross-border data security.
• Comfortable with ambiguity and building foundations for scale.
• Strong ethical compass and trustworthiness in handling sensitive data.