Salary
HK$200,000 - HK$230,000 - Per Year
Location
None Specified
Type
Permanent
Workplace
Hybrid
Published
Jun 6, 2025
Ref
160915

The APAC CISO is responsible for providing leadership and strategic alignment across regional security initiatives, ensuring alignment with global enterprise policies while enabling country-specific business goals across the Asia-Pacific region. This senior position requires a strong technical and communication background, with a focus on building and maintaining digital trust, fostering cross-regional collaboration, and adapting swiftly to the evolving threat landscape.

Reporting to the Head of Technology Risk and Cybersecurity, the CISO leads a team within the Technology Risk Governance and Cybersecurity function. The role drives the execution of a regional cybersecurity roadmap that supports digital transformation initiatives, regulatory compliance, security risk mitigation, and operational excellence. Key duties include leading incident response and recovery, developing security maturity models, engaging a wide range of stakeholders globally and domestically, and ensuring security-related business-as-usual processes are performed at high service levels.

Additional responsibilities involve championing strong regional security culture through awareness campaigns and training, defining clear roles and responsibilities for security initiatives, and advising senior leadership on key risks and mitigation strategies. The CISO delivers presentations to non-technical executives and boards on threat intelligence and maintains accountability for security metrics and KPIs aligned with business goals. The role also requires third- and fourth-party security management, responsible AI and ML usage, and continual optimisation of cloud environments for secure remote work support.

The ideal candidate will have a Bachelor's degree in Computer Science, Information Assurance, or a related field; a Master’s degree or MBA is advantageous. A minimum of 10–15 years in management with 5–8 years of hands-on information security experience is required, including at least 5 years in a business-facing role. Relevant certifications such as CISSP, CISM or SANS are highly regarded. Candidates must demonstrate strong written and verbal communication skills, sound judgement and decision-making, and the ability to thrive in a dynamic, high-pressure environment.

Essential qualities include a collaborative leadership style, ability to drive innovation, focus on employee growth and retention, and adept stakeholder engagement. The CISO must manage multiple priorities, lead regional projects to completion, and integrate global capabilities for effective orchestration, automation, and cost efficiency. Additionally, the role demands a high level of personal integrity, a people-first leadership approach, and a proven track record in advancing cyber resilience and organisational readiness across diverse geographies.

© Gravitas Group 2025