M1 - IT Security Lead - Business Partner

Objective of the Role
As the IT Security Business Partner Lead, you will be responsible for leading the IT security business partnership function within our fintech product development company. This senior role involves managing a team of IT security business partners, ensuring the protection of our infrastructure, cloud environments, development processes, and compliance with regulatory requirements. You will play a critical role in enhancing the security maturity of our products and services, fostering collaboration between IT and security teams, and driving strategic security initiatives.

Main Responsibilities

Strategic Leadership & Partnership
● Act as the primary Information Security representative and strategic consultant, translating security requirements and risks for business, technology, and executive leadership (CTSO/CISO).
● Align the cybersecurity strategy with the company's strategic objectives, ensuring security is integrated into all new business ventures, product development, and technology projects.
● Lead and mentor the Cybersecurity Business Partner team, driving alignment, promoting diversity and inclusion, and continuously managing team performance against key strategic objectives.

Risk Management & Compliance Oversight
● Own the Business Security Risk Landscape: Perform periodic, holistic risk reviews, coordinate mitigationplans with technical teams, and ensure the appropriate level of security maturity across theorganization.
● Govern Policies and Audits: Oversee the dissemination of and compliance with Information SecurityPolicies, and lead efforts to meet both internal and external audit requirements and regulatorymandates.
● Develop Business Security Indicators: Design and implement key metrics (KPIs) to measure and reportthe effectiveness and maturity of the security posture to executive leadership monthly.Operational

Engagement & Incident Response
● Manage Cross-Functional Relationships: Serve as the central liaison and point of contact for key internaldepartments (e.g., CTSO for operational security, CISO for governance), facilitating seamless communication and collaboration.
● Drive Security Maturity: Ensure proactive vulnerability management and escalate critical threats thatjeopardize the Confidentiality, Integrity, and Availability (CIA) of the business to the Monitoring andResponse (SOC) team.
● Participate in Incident Response: Provide critical business context and coordination support duringsecurity incidents to ensure timely and effective containment and resolution.Culture, Innovation & Empowerment
● Embed Security Culture: Participate in business committees and rituals to identify emerging securityneeds, providing training and guidance to stakeholders on best security practices.
● Promote Autonomy and Innovation: Actively foster an autonomous work culture within the team,driving innovation by exploring new security technologies, secure development practices, and industrybest practices.

Required Knowledge and Experience
● Bachelor's degree in computer science, Information Technology, or a related field.
● Over 8+ years of experience in managing security controls across various layers: data, end-user devices,cloud, infrastructure, perimeter networks, and web and mobile applications.
● Deep knowledge of security technologies, cryptography, secure development, and application security.
● Familiarity with security audits, regulatory compliance, and security risks.
● Proven experience in project management, including planning, execution, and monitoring of securityinitiatives.
● Desirable security certifications: CISSP, CISA, CISM, and PCI.
● Intermediate English communication skills.