As the Head of IT Security, you will define and execute IT strategy while overseeing end-to-end IT operations across the region. You will combine strategic leadership with hands-on expertise in Microsoft technologies, ensuring secure, compliant, and high-performing systems that deliver measurable business value.
What You’ll Do and How You’ll Succeed
IT Strategy, Governance & Projects
- Define and execute IT strategy aligned with business objectives, ensuring technology delivers measurable outcomes
- Lead IT projects and initiatives, including the design and deployment of new systems and services
- Collaborate with stakeholders to analyse requirements and deliver effective technology solutions
- Establish governance frameworks to support compliance, risk management, and audit readiness
- Develop and maintain IT policies and procedures aligned with organisational direction
Microsoft Technology Stack Leadership
- Oversee Microsoft 365 services including Teams, SharePoint, Exchange, OneDrive, and Intune to enable secure collaboration
- Manage Azure cloud services across compute, storage, networking, and security domains
- Lead identity and access management across Active Directory, Azure AD, DNS, Remote Desktop, and Group Policy
- Implement security solutions such as Microsoft Defender, Compliance Center, Azure Security Center, and advanced DLP
- Drive troubleshooting, optimisation, and standardisation across the Microsoft ecosystem
IT Risk Management, Cybersecurity & Compliance
- Develop and enforce IT security policies aligned with ISO 27001 and client requirements
- Lead IT risk management by identifying vulnerabilities and implementing mitigation strategies
- Conduct internal reviews to ensure ongoing compliance
- Initiate ISO 27001 certification efforts across relevant territories
- Maintain audit-ready documentation and reports for regulatory, customer, and partner requirements
- Monitor threats using Microsoft and third-party tools to ensure continuous protection
- Promote organisational awareness of IT security and data privacy regulations through training and communication
IT Budgeting, Procurement & Asset Management
- Develop and manage IT budgets while tracking expenditure against plans
- Oversee procurement of hardware, software, and services
- Ensure compliance with vendor agreements and licensing requirements
- Maintain accurate inventories of hardware assets and software licences
- Negotiate contracts and manage vendor service level agreements
Infrastructure & Operations
- Manage enterprise infrastructure including servers, networks, routers, switches, and firewalls
- Ensure high availability, scalability, and cost optimisation of IT systems
- Oversee both cloud and on-premise environments across multiple geographies
- Drive continuous improvement in infrastructure performance and resilience
Business Continuity & Disaster Recovery
- Develop and own disaster recovery and business continuity policies across people, processes, and technology
- Define RTO and RPO targets and implement backup and recovery solutions such as Azure Backup, Site Recovery, and Microsoft 365 retention
- Conduct regular disaster recovery drills and address identified gaps
Incident Management
- Establish and enforce incident response playbooks, escalation channels, and service level agreements
- Lead incident containment, investigation, and recovery efforts
- Communicate effectively with leadership, clients, and regulators during incidents
- Conduct root cause analysis and implement corrective actions
IT Service Management & End-User Support
- Implement ITIL-based service management processes including incident, problem, change, and request management
- Lead helpdesk operations to ensure timely resolution of user issues
- Provide direct support for escalations when required
- Organise user awareness sessions on new technologies and security practices
- Track service performance using SLAs, KPIs, and user satisfaction metrics
Data Protection & Privacy
- Implement and monitor controls for personal and sensitive data protection
- Conduct privacy impact assessments and risk evaluations
- Lead response protocols for data breaches and ensure regulatory reporting
- Promote a culture of privacy awareness across the organisation
- Initiate data privacy certification efforts aligned with compliance requirements
Process Automation & Continuous Improvement
- Identify opportunities to automate manual processes using RPA, workflows, or scripting
- Collaborate with stakeholders to optimise IT and business processes
- Drive efficiency, reduce errors, and embed a culture of continuous improvement
Leadership & People Management
- Build and lead a high-performing IT team across multiple regions
- Define team structures, roles, and succession plans
- Mentor and develop team members to strengthen capability and performance
- Foster a culture of collaboration, accountability, and service excellence
We’d Love to Hear From You If…
Experience
- You hold a Bachelor’s or Master’s degree in IT, Computer Science, Information Systems, or a related field, or equivalent experience
- You have 15+ years of IT experience, including at least 7 years in leadership roles
- You have proven experience managing multi-regional IT operations, compliance, and vendor relationships
Technical Expertise
- You have strong expertise in Microsoft technologies including Microsoft 365, Azure, Intune, Advanced DLP, and Windows administration
- You have solid knowledge of network infrastructure components such as routers, switches, and firewalls
- You have hands-on experience with ISO 27001 and information security standards
- You hold certifications such as ITIL, ISO 27001 Lead Implementer, CISSP, CISM, or CISA as an advantage
Ways of Working
- You think strategically while applying strong analytical and business acumen
- You demonstrate strong project management and stakeholder collaboration skills
- You lead with clarity, confidence, and sound decision-making
- You bring deep technical troubleshooting capability across Microsoft and enterprise infrastructure environments
- You balance long-term strategy with effective operational execution