Job Description
Chief Information Security Officer (CISO)
AMW Capital Leasing & Finance PLC | Colombo 02
Who Are We?
AMW Capital Leasing and Finance PLC is a finance company registered under the Central Bank of Sri Lanka and a subsidiary of AMW Group, which is a leading corporate entity in Sri Lanka and the sole distributor for several world-renowned automobiles and related brands, under the umbrella of Al-Futtaim Group, Dubai, UAE.
AMW Capital Leasing is spread across the country with a network of 21 branches and is in the process of expanding its network. Our focus is to employ and engage diverse individuals who aspire to grow with us in a financial entity that offers unlimited career potential in a multinational environment.
Overview of the role
The Chief Information Security Officer (CISO) is responsible for establishing and maintaining a comprehensive information security strategy that safeguards the confidentiality, integrity, and availability of the organization’s data, systems, and financial platforms. In a regulated financial services environment, the CISO leads the design and implementation of robust cybersecurity frameworks to protect customer information, financial transactions, and critical business infrastructure from cyber threats and data breaches.
What you will do
- Develop, implement, and maintain the company-wide information security strategy and programs.
- Lead security risk management initiatives, including threat assessments, vulnerability management, and incident response planning.
- Ensure compliance with relevant security regulations, standards, and best practices.
- Collaborate with IT and business units to embed security into technology and operational practices.
- Manage security audits, both internal and external, and oversee remediation efforts.
- Provide regular reports and strategic advice to the executive team and board on cyber risk posture and mitigation efforts.
- Oversee the security architecture of IT systems, cloud environments, and data assets.
- Lead response to cybersecurity incidents, ensuring effective containment, investigation, and recovery.
What equips you for the role
- Master's degree in information security or master's degree in computer science/information technology specializing in Information Security.
- (ISC)2 Certified Information Systems Security Professional (CISSP).
- 10 years of experience in IT security, with at least 3 years in a management role.
- Strong knowledge of current cybersecurity threats, trends, and technologies.
- Proven experience in building and leading security teams and managing large-scale security initiatives.
- Exceptional communication and stakeholder management skills, with the ability to convey complex security concepts to non-technical audiences.
- Deep understanding of regulatory and compliance frameworks of NBFIs.
If you believe you're a good fit for the position described above, please send your CV to [email protected] within 07 days of this advertisement.
Please mention the position name in the subject line of the email.