Head of IT and Cybersecurity

We are seeking an experienced Head of IT & Cybersecurity to lead the strategy, operations, and continuous improvement of the organisation’s IT infrastructure and cybersecurity posture. This role owns the end-to-end technology foundations that keep the business running securely and reliably, spanning end-user computing, networks, cloud/hybrid infrastructure, identity and access, security operations, and technology governance.

Responsibilities:

Infrastructure Strategy & Operations
Define and execute the infrastructure roadmap across end-user devices, networks, data centre and/or cloud environments, balancing availability, performance, security, and cost. Oversee day-to-day IT operations and service management, ensuring high system uptime, strong user experience, and effective vendor performance.

Cybersecurity Strategy & Security Operations
Own the cybersecurity strategy and operating model, including security architecture oversight, threat and vulnerability management, incident response, and security monitoring (in-house and/or outsourced SOC). Ensure high-fidelity detection and response processes, strong security baselines, and measurable uplift in resilience.

Governance, Risk & Compliance (Technology GRC)
Establish and maintain security policies, standards, procedures, and governance frameworks aligned with regulatory expectations and best practices (e.g., PDPA, ISO 27001, NIST). Lead risk assessments across infrastructure, cloud services, applications, and emerging technologies; track remediation and report key risks and KRIs to senior leadership and Board stakeholders.

Security Architecture & Secure-by-Design Enablement
Drive infrastructure and security design reviews for major initiatives to ensure security is embedded early. Advise technology teams on secure configurations, identity and access controls, network segmentation, hardening standards, and secure cloud adoption.

Third-Party & Vendor Management
Manage key technology and security vendors and service providers, ensuring strong governance, SLAs, and outcomes. Oversee third-party risk assessments for critical suppliers and support remediation where required.

Audit & Inspection Management
Coordinate internal and external audits, security assessments, and regulatory inspections. Ensure timely provision of artefacts, resolution of audit findings, and continuous improvement of control maturity.

People Leadership
Lead, mentor, and develop infrastructure, end-user support, and security teams. Build a high-performing culture with clear accountability, continuous skills uplift, and strong collaboration across IT and business functions.

Requirements

• Minimum 10+ years of progressive experience in infrastructure, cybersecurity, and/or technology risk, with recent years in a leadership role.

• Strong experience across network and cloud infrastructure operations, IT service management, and cybersecurity governance.

• Proven track record leading security operations, vulnerability management, incident response, and security monitoring/SOC oversight.

• Hands-on familiarity with security architecture controls (e.g., IAM, endpoint security, network security, WAF, EDR, SIEM) and modern cloud/hybrid environments.

• Demonstrated experience managing audits, inspections, and remediation programmes; exposure to regulated environments is advantageous.

To apply:

If you’re interested to apply or find out more, please share across your CV or reach out to Chen Yi at cy@kerryconsulting.com for a discussion. Due to anticipated high volume of applications, we regret to inform that only shortlisted candidates will be notified.

Reg: R1876389

Lic: 16S8060