As the Head of IT Security, you will define and execute IT strategy while overseeing end-to-end IT operations across the region. You will combine strategic leadership with hands-on expertise in Microsoft technologies, ensuring secure, compliant, and high-performing systems that deliver measurable business value.
What You'll Do and How You'll Succeed
IT Strategy, Governance & Projects
-
Define and execute IT strategy aligned with business objectives, ensuring technology delivers measurable outcomes
-
Lead IT projects and initiatives, including the design and deployment of new systems and services
-
Collaborate with stakeholders to analyse requirements and deliver effective technology solutions
-
Establish governance frameworks to support compliance, risk management, and audit readiness
-
Develop and maintain IT policies and procedures aligned with organisational direction
Microsoft Technology Stack Leadership
-
Oversee Microsoft 365 services including Teams, SharePoint, Exchange, OneDrive, and Intune to enable secure collaboration
-
Manage Azure cloud services across compute, storage, networking, and security domains
-
Lead identity and access management across Active Directory, Azure AD, DNS, Remote Desktop, and Group Policy
-
Implement security solutions such as Microsoft Defender, Compliance Center, Azure Security Center, and advanced DLP
-
Drive troubleshooting, optimisation, and standardisation across the Microsoft ecosystem
IT Risk Management, Cybersecurity & Compliance
-
Develop and enforce IT security policies aligned with ISO 27001 and client requirements
-
Lead IT risk management by identifying vulnerabilities and implementing mitigation strategies
-
Conduct internal reviews to ensure ongoing compliance
-
Initiate ISO 27001 certification efforts across relevant territories
-
Maintain audit-ready documentation and reports for regulatory, customer, and partner requirements
-
Monitor threats using Microsoft and third-party tools to ensure continuous protection
-
Promote organisational awareness of IT security and data privacy regulations through training and communication
IT Budgeting, Procurement & Asset Management
-
Develop and manage IT budgets while tracking expenditure against plans
-
Oversee procurement of hardware, software, and services
-
Ensure compliance with vendor agreements and licensing requirements
-
Maintain accurate inventories of hardware assets and software licences
-
Negotiate contracts and manage vendor service level agreements
Infrastructure & Operations
-
Manage enterprise infrastructure including servers, networks, routers, switches, and firewalls
-
Ensure high availability, scalability, and cost optimisation of IT systems
-
Oversee both cloud and on-premise environments across multiple geographies
-
Drive continuous improvement in infrastructure performance and resilience
Business Continuity & Disaster Recovery
-
Develop and own disaster recovery and business continuity policies across people, processes, and technology
-
Define RTO and RPO targets and implement backup and recovery solutions such as Azure Backup, Site Recovery, and Microsoft 365 retention
-
Conduct regular disaster recovery drills and address identified gaps
Incident Management
-
Establish and enforce incident response playbooks, escalation channels, and service level agreements
-
Lead incident containment, investigation, and recovery efforts
-
Communicate effectively with leadership, clients, and regulators during incidents
-
Conduct root cause analysis and implement corrective actions
IT Service Management & End-User Support
-
Implement ITIL-based service management processes including incident, problem, change, and request management
-
Lead helpdesk operations to ensure timely resolution of user issues
-
Provide direct support for escalations when required
-
Organise user awareness sessions on new technologies and security practices
-
Track service performance using SLAs, KPIs, and user satisfaction metrics
Data Protection & Privacy
-
Implement and monitor controls for personal and sensitive data protection
-
Conduct privacy impact assessments and risk evaluations
-
Lead response protocols for data breaches and ensure regulatory reporting
-
Promote a culture of privacy awareness across the organisation
-
Initiate data privacy certification efforts aligned with compliance requirements
Process Automation & Continuous Improvement
-
Identify opportunities to automate manual processes using RPA, workflows, or scripting
-
Collaborate with stakeholders to optimise IT and business processes
-
Drive efficiency, reduce errors, and embed a culture of continuous improvement
Leadership & People Management
-
Build and lead a high-performing IT team across multiple regions
-
Define team structures, roles, and succession plans
-
Mentor and develop team members to strengthen capability and performance
-
Foster a culture of collaboration, accountability, and service excellence
We'd Love to Hear From You If...
Experience
-
You hold a Bachelor's or Master's degree in IT, Computer Science, Information Systems, or a related field, or equivalent experience
-
You have 15+ years of IT experience, including at least 7 years in leadership roles
-
You have proven experience managing multi-regional IT operations, compliance, and vendor relationships
Technical Expertise
-
You have strong expertise in Microsoft technologies including Microsoft 365, Azure, Intune, Advanced DLP, and Windows administration
-
You have solid knowledge of network infrastructure components such as routers, switches, and firewalls
-
You have hands-on experience with ISO 27001 and information security standards
-
You hold certifications such as ITIL, ISO 27001 Lead Implementer, CISSP, CISM, or CISA as an advantage
Ways of Working
-
You think strategically while applying strong analytical and business acumen
-
You demonstrate strong project management and stakeholder collaboration skills
-
You lead with clarity, confidence, and sound decision-making
-
You bring deep technical troubleshooting capability across Microsoft and enterprise infrastructure environments
-
You balance long-term strategy with effective operational execution