Job Purpose
The Chief Information Security Officer (CISO) will spearhead the creation and ongoing refinement of the organization’s strategic vision and security framework, ensuring robust protection of critical information assets and technologies. This executive will oversee the formulation and execution of comprehensive security policies, risk mitigation frameworks, cyber defense measures, regulatory adherence initiatives, and structured incident response procedures across all business functions.
Oversee and execute a range of critical duties, ensuring alignment with organizational goals and operational standards. Develop and implement strategic initiatives to drive efficiency, innovation, and sustainable growth. Collaborate with cross-functional teams to foster seamless communication and achieve collective objectives. Monitor performance metrics to identify trends, address gaps, and implement corrective measures as needed. Ensure compliance with industry regulations and internal policies while maintaining high ethical and professional standards. Manage resources effectively to optimize productivity and deliver measurable outcomes. Provide leadership and mentorship to teams, cultivating a culture of accountability and continuous improvement.
We are seeking a highly motivated professional with exceptional strategic vision and leadership capabilities to guide our organization toward sustained growth and innovation. The ideal candidate will possess a proven track record in developing and executing high-impact strategies, fostering a culture of accountability, and inspiring teams to achieve ambitious goals. Key responsibilities include shaping long-term objectives, driving operational excellence, and cultivating partnerships to enhance market positioning. Candidates must demonstrate strong decision-making skills, a results-driven mindset, and the ability to navigate complex business challenges with confidence. A minimum of 10 years of progressive leadership experience in a relevant field, along with an advanced degree in business administration, management, or a related discipline, is required. Exceptional communication and interpersonal abilities are essential to align stakeholders and drive organizational success.
Craft a comprehensive information security strategy, devise a detailed roadmap, and establish a forward-looking cybersecurity vision for the organization.
Direct the Information Security and Cybersecurity Risk teams, providing leadership, mentorship, and strategic management to foster their professional growth and operational excellence.
Develop and oversee enterprise-wide security governance in accordance with globally recognized best practices.
Cybersecurity Operations oversees the protection of an organization’s digital assets through proactive threat detection, incident response, and continuous monitoring of security systems. This role requires expertise in identifying vulnerabilities, implementing robust security measures, and ensuring compliance with industry standards and regulations. Professionals in this field analyze security logs, investigate potential breaches, and collaborate with IT teams to mitigate risks. Strong analytical skills, attention to detail, and a deep understanding of cybersecurity frameworks are essential for success in this position.
Responsible for managing the deployment, supervision, and ongoing enhancement of cybersecurity measures across networks, applications, endpoints, and cloud infrastructures.
Oversee the Security Operations Center (SOC) and lead threat-intelligence initiatives.
Conduct in-depth vulnerability assessments, perform penetration tests, and execute comprehensive security audits.
Ensures adherence to regulatory standards and internal policies by identifying, assessing, and mitigating risks across the organization. Collaborates with leadership to establish robust compliance frameworks, conducts audits, and monitors emerging regulatory developments. Develops training programs to promote a culture of compliance and risk awareness among employees. Tracks and reports on key risk indicators, ensuring timely and accurate communication to stakeholders. Requires a bachelor’s degree in finance, accounting, law, or a related field, along with relevant certifications such as CPA, CIA, or CRCM. A minimum of five years of experience in risk management, compliance, or a similar role is essential, with strong analytical skills and proficiency in compliance software.
Perform regular evaluations of potential risks to systematically detect, measure, and rank security vulnerabilities.
Ensure adherence to all pertinent regulatory frameworks, including ISO 27001, GDPR, NDPR, and PCI-DSS, by implementing and maintaining robust compliance protocols.
Compliance with DSS, CBN, and FDIC regulations is essential for financial institutions, ensuring adherence to established standards and safeguarding financial integrity.
Develop and implement robust security policies, standards, and procedures to ensure comprehensive coverage across all organizational units. Additionally, oversee incident response protocols and business continuity plans to maintain operational resilience and safeguard critical functions.
Develop and execute a comprehensive Cybersecurity Incident Response Plan (CARP) to ensure robust defense against potential threats.
Oversee the response to security breaches, cyber-attacks, and data leaks while ensuring prompt and effective communication with stakeholders.
Partner with IT leadership to validate and stress-test business continuity and disaster recovery frameworks, ensuring their robustness and reliability.
Proactively engage with key stakeholders to ensure alignment with organizational objectives and maintain strong, collaborative relationships. Identify and address their needs, concerns, and expectations through clear communication and timely updates. Foster a transparent and trust-based environment to facilitate productive partnerships and drive project success. Requires proficiency in stakeholder analysis, negotiation, and conflict resolution, along with exceptional interpersonal and communication skills.
Prepare and deliver regular security reports to the Board, Executive Management, and regulatory authorities.
Educate employees on security protocols and foster a robust cybersecurity mindset throughout the organization.
Act as the main point of contact for interactions with law enforcement entities, cybersecurity collaborators, and regulatory bodies.
The position requires consistent tracking and evaluation of Key Performance Indicators (KPIs) to measure progress toward established organizational goals. This involves analyzing critical metrics, identifying trends, and providing actionable insights to enhance operational efficiency. Responsibilities include ensuring data accuracy, reporting findings to stakeholders, and collaborating with cross-functional teams to align KPIs with broader business objectives. Candidates must demonstrate proficiency in data interpretation, strong analytical skills, and the ability to translate complex information into clear, strategic recommendations.
Implemented significant reductions in cybersecurity incidents and vulnerabilities, bolstering overall system integrity and resilience against potential threats.
Ensures prompt resolution by adhering to predefined Service Level Agreement (SLA) response times for incidents and breaches, maintaining alignment with organizational standards and urgency levels.
To maintain adherence to regulatory standards and achieve optimal audit compliance ratings, the role requires a thorough understanding of applicable laws, guidelines, and internal policies. This involves conducting regular assessments, identifying potential risks, and implementing corrective measures to ensure full compliance with industry regulations. The position demands meticulous attention to detail, strong analytical skills, and the ability to interpret complex regulatory frameworks. Additionally, the role involves collaborating with cross-functional teams to address compliance gaps, preparing documentation for audits, and providing guidance to ensure organizational adherence to evolving legal requirements.
Responsible for achieving and sustaining the established cybersecurity roadmap initiatives, ensuring timely and effective execution of all security projects and measures. This role requires diligent tracking of progress, thorough assessment of implementation status, and proactive identification of obstacles to maintain alignment with strategic security objectives. Strong project management skills and a deep understanding of cybersecurity frameworks are essential to drive continuous improvement and mitigate risks across the organization.
To foster a robust security culture, oversee the completion of cybersecurity awareness and training initiatives, ensuring high participation rates and adherence to organizational policies. Track progress, address any gaps in engagement, and provide necessary support to employees to ensure full compliance with training requirements. Collaborate with IT and HR departments to streamline the process, monitor completion metrics, and report on the effectiveness of the training programs to stakeholders.
Seeking a highly motivated candidate with at least three years of experience in a similar role, preferably within the financial services or fintech industry. Strong proficiency in data analysis and financial modeling, and with tools such as Excel, SQL, and Power BI, is essential. Exceptional analytical, problem-solving, and communication skills are required to interpret complex data and present actionable insights to stakeholders. A bachelor’s degree in finance, economics, accounting, or a related field is mandatory, with advanced degrees or certifications (e.g., CFA, CPA) viewed as advantageous. Candidates must demonstrate a keen attention to detail, the ability to work under tight deadlines, and a commitment to maintaining high standards of accuracy and integrity in all deliverables. Prior experience collaborating with cross-functional teams, including IT, marketing, and operations, is highly desirable.
A bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a closely related discipline is required, with a master’s degree considered advantageous.
Relevant cybersecurity certifications may include CISSP, CASM, CEA, CCSP, RISC, ISO 27001 Lead Implementer/Auditor, and SEC.
A minimum of a decade of combined IT and cybersecurity experience is required, including at least five years in a leadership capacity.
Experience with information security frameworks and their practical applications is essential for this role.
Experts in cloud security and network architecture design, implement, and maintain robust security frameworks and infrastructure to safeguard digital assets. They conduct comprehensive risk assessments, develop security policies, and deploy advanced technologies to mitigate threats while ensuring compliance with industry standards and regulatory requirements. Additionally, they oversee network configurations, monitor security protocols, and collaborate with cross-functional teams to enhance system resilience and operational efficiency.
Digital risk management and governance encompass the systematic identification, assessment, and mitigation of risks associated with digital assets, technologies, and processes. This role involves establishing robust frameworks, policies, and controls to safeguard information integrity, confidentiality, and availability while ensuring compliance with regulatory requirements and industry standards. It requires a comprehensive understanding of cybersecurity threats, data protection principles, and emerging technologies to proactively address vulnerabilities and align organizational objectives with security best practices.
Ensuring adherence to all applicable regulatory compliance requirements is essential to maintaining organizational integrity and mitigating legal risks. This role necessitates a thorough understanding of industry-specific regulations, stringent documentation practices, and proactive monitoring to guarantee full compliance with federal, state, and local mandates. Candidates must demonstrate expertise in interpreting complex regulatory frameworks and implementing policies that align with evolving legal standards. Additionally, the position requires ongoing assessment of compliance gaps, timely reporting of violations, and collaboration with cross-functional teams to address corrective actions efficiently.
Proven experience managing cybersecurity programs in financial services or technology-driven organizations is an added advantage.
The key skills and abilities required for this role include strong analytical and problem-solving capabilities, proficiency in relevant software and tools, excellent communication and interpersonal skills, and the ability to work both independently and collaboratively in a team environment. Additionally, candidates should demonstrate adaptability, attention to detail, and a commitment to continuous learning and professional development. A proven track record in similar positions and familiarity with industry best practices are essential for success in this position.
Strategic thinking and exceptional leadership capabilities are essential attributes for this role. The ideal candidate will demonstrate a keen ability to envision long-term objectives, align resources effectively, and inspire teams toward shared goals. Strong decision-making skills, paired with the capacity to navigate complex challenges, will be critical to driving organizational success. Prior experience in guiding cross-functional initiatives and fostering a culture of innovation is highly valued, as is the ability to mentor and develop high-performing talent.
Cyber risk management involves identifying, assessing, evaluating, and mitigating risks associated with information technology systems and digital assets to prevent data breaches, cyberattacks, and other security incidents. Professionals in this field analyze vulnerabilities in networks, applications, and infrastructure, develop strategies to reduce exposure, and ensure compliance with relevant regulations and industry standards. They collaborate with cross-functional teams to implement security controls, conduct risk assessments, and respond to incidents promptly to minimize potential impacts. Strong analytical skills, technical expertise in cybersecurity frameworks, and familiarity with risk management methodologies are essential for success in this role.
Under incident command decision-making, the ability to assess situations swiftly and determine effective courses of action is paramount, ensuring that critical incidents are managed with precision and strategic foresight. This role demands a keen analytical mindset, the capacity to coordinate resources efficiently, and decisive leadership to guide teams through high-pressure scenarios. Responsibilities include evaluating risks, prioritizing objectives, and implementing solutions that mitigate escalation while maintaining operational integrity. Candidates must demonstrate strong problem-solving skills, adaptability in dynamic environments, and a thorough understanding of incident command principles to uphold safety and efficiency standards.
Data and information governance encompasses the policies, procedures, and frameworks designed to ensure the availability, integrity, usability, security, and compliance of organizational data and information assets throughout their lifecycle. This function involves establishing standardized practices for data management, quality control, risk mitigation, regulatory adherence, and ethical handling to safeguard sensitive information while enabling informed decision-making. Professionals in this field are responsible for developing governance models, defining data stewardship roles, enforcing compliance with relevant laws and industry standards, and implementing controls to mitigate risks such as breaches, misuse, or unauthorized access. Additionally, they collaborate with cross-functional teams to align data strategies with business objectives and drive continuous improvement in data governance initiatives.
Excellent verbal and written communication abilities, coupled with strong reporting proficiency, are essential.
Effectively handles stakeholder relations and crisis situations by developing strategic communication plans, mitigating risks, and maintaining positive relationships with key parties. Identifies potential issues early, implements proactive measures, and ensures transparency throughout challenging circumstances. Requires strong interpersonal skills, problem-solving abilities, and the capacity to make critical decisions under pressure. Experience in conflict resolution, negotiation, and maintaining stakeholder trust is essential for success in this role.
A commitment to ethical standards, the ability to maintain strict confidentiality, and a highly analytical mindset are essential.
Qualifications
BA/BSc/HND, MBA/MSc/MA
Experience Required
10 years