Head of Cyber Security Governance and Compliance

Head of Cyber Security Governance and Compliance

Location: HO / Switch Building – 5th Floor

Closing Date: 31/05/2026

Job Purpose

As the Head of Cyber Security Governance and Compliance, you will be the primary process owner for all assurance activities related to the availability, integrity, and confidentiality of information assets across the Dialog Group. You will act as the strategic liaison between technical teams and executive management to define acceptable risk levels and ensure full compliance with Group Security Policies. This is a high-visibility leadership role, serving as the key custodian for delivering KPIs to the Axiata and Dialog Board Risk and Compliance Committees.

The Job

• Strategic Leadership: Assist senior management in formulating and enforcing a robust cyber security strategy across the Dialog and Axiata groups to ensure organizational resilience.

• Risk Management: Direct mitigation strategies to reduce the group’s attack surface and maintain risk exposure within defined acceptable limits.

• Cyber Defense Architecture: Architect proactive defense mechanisms and serve as the organizational focal point for all information risk and cyber defense matters.

• Governance & Operations: Establish Functional Threat & Vulnerability Management (TVM) processes and oversee interactions with the Group Security Operations Center (GSOC).

• Incident & Hygiene Management: Manage security incidents and report the overall status of cyber hygiene to the Cyber Security Steering Committee.

• Collaboration & Roadmap: Direct the enterprise security roadmap in collaboration with Axiata, coordinating with OPCOs and external consultants to maintain a modern security platform.

• Privacy & Data Protection: Drive the integration of privacy and data protection controls into the broader cyber security program.

• Supply Chain Security: Address security gaps within the supply chain and manage supplier performance to safeguard internal information.

• Awareness & Culture: Communicate security policies and emerging threats to end-users, fostering a culture of security awareness and adherence across the organization.

• Operational Excellence: Oversee budgeting, capacity planning, and the execution of activities outlined in the InfoSec Calendar and Risk Register.

• Team Development: Establish succession planning and track career development goals for the security team.

Candidate Profile

Education & Experience:

• Education: Bachelor’s degree in Information Technology or Engineering. A Master’s degree in a related field is a significant advantage.

• Experience: More than 10 years of professional experience in the cybersecurity industry, with a proven track record in leadership and governance.

Technical Certifications (Preferred):

• Possession of one or more industry-standard certifications: CISSP, CISM, CRISC, CDPSE, CCISO, CDPP.

• Expertise in international standards: ISO 27001, ISO 22301, BS10012.

• Foundational technical knowledge: MCSE, CCNA, ITIL (F).

Core Competencies:

• Thought Leadership: Ability to provide senior-level expertise to other specialists in the cybersecurity domain.

• Stakeholder Management: Proven ability to resolve conflicts between business requirements and security mandates at an executive level.

• Analytical Skills: Expert-level root cause analysis for security-related outages and complex risk evaluations.

• Communication: Exceptional ability to present complex risk data to Board-level committees and diverse internal audiences.

Why Join Dialog?

• Executive Impact: Influence the security posture of Sri Lanka’s leading connectivity provider and its regional parent group.

• Strategic Ownership: Lead a critical function with high autonomy over governance, risk, and compliance frameworks.

• Innovation: Drive the implementation of cutting-edge proactive defense and automation within a massive enterprise environment.

Dialog Axiata is an Equal Opportunity Employer.

Company: Dialog Axiata PLC

More Jobs