- Information Security Governance & ISMS : Develop, implement, and maintain the Information Security Management System (ISMS), policies, and procedures, ensuring alignment with business needs, compliance requirements, and internationally recognized frameworks (ISO 27001, NIST, PCI DSS, data privacy laws).

- Risk & Compliance Management : Conduct and oversee risk assessments, vulnerability scans, penetration testing, and remediation tracking. Coordinate with stakeholders on control implementation, vendor security reviews, audits, and compliance assessments.

- Cybersecurity Operations : Monitor and respond to security incidents, perform deep-dive investigations, document findings, and drive containment and recovery measures while proactively tracking emerging threats and vulnerabilities.

- Security Architecture & Implementation : Collaborate with IT and cross-functional teams to influence secure design, system configurations, cloud security, and network security (firewalls, DLP, SIEM, endpoint protection, IPS/IDS).

- Awareness & Training : Lead security awareness programs, deliver engaging training sessions to employees and clients, and foster a culture of vigilance by influencing employee behavior as the First Line of Defence.

- Security Projects & Strategy : Plan, design, and execute strategic cybersecurity initiatives that strengthen enterprise security posture and support secure adoption of emerging technologies and business solutions.

- Stakeholder Engagement & Reporting : Establish strong relationships with business leaders and clients, aligning security priorities with business objectives. Prepare and present metrics, reports, and updates for senior management, risk committees, and governance boards.

- Continuous Improvement & Expertise : Serve as a subject matter expert, staying current with evolving threats, security standards, and best practices, while continuously enhancing security processes, policies, and frameworks.