VP / SVP, Information Security

Our client, a leading regional bank, is seeking a VP / SVP, Information Security, to lead initiatives within the areas of security governance, assurance, and audit management. This key leadership role will be responsible for strengthening the organisation’s information security framework, ensuring alignment with regulatory requirements and best practices across all business and technology domains.

Key Responsibilities

• Drive the development, implementation, and continuous improvement of the bank’s information security governance framework, policies, and standards.
• Oversee security assurance activities, including risk assessments, control evaluations, and reviews of technology and process compliance.
• Manage internal and external audits related to information security, coordinating responses, remediation tracking, and evidence submissions.
• Partner with business, technology, and risk teams to ensure effective implementation of security controls and adherence to regulatory requirements (e.g. MAS TRM, ISO 27001, NIST).
• Provide strategic guidance and assurance reporting to senior management and committees on the bank’s information security posture and residual risks.
• Monitor emerging regulatory and industry developments to proactively assess their impact on the bank’s security governance and assurance practices.
• Support training and awareness initiatives to promote a strong security culture throughout the organisation.

Requirements

• Degree in Information Security, Computer Science, or equivalent discipline.
• 10–15 years of relevant experience in information security governance, assurance, or audit management, ideally within the banking or financial sector.
• Deep understanding of regulatory and industry frameworks such as MAS TRM, ISO 27001, NIST, and COBIT.
• Proven experience managing large-scale audits, coordinating with both internal and external stakeholders.
• Strong analytical, communication, and stakeholder engagement skills, with the ability to influence senior leaders and drive cross-functional improvements.
• Relevant professional certifications such as CISM, CISSP, CISA, or ISO 27001 Lead Auditor are highly desirable.

This is an excellent opportunity for a senior security professional to shape the bank’s governance and assurance agenda and play a pivotal role in maintaining regulatory confidence and operational resilience.