Chief Information Security Officer (CISO) - NGO (Senior Manager)

Shape the Future of Cross-Border Payments

Nexus Global Operator (NGO) is the joint venture entity established by PayNet and NETS to serve as the Nexus Technical Operator, responsible for building, operating and securing the core technology platform for Nexus. Nexus is designed to transform cross-border payments by connecting domestic instant payment systems across markets through a single, standardized platform. This is a rare opportunity to help build critical global payments infrastructure, backed by two national payment infrastructure operators with proven experience in world class real-time payment ecosystems.

Why This Role Matters

The Chief Information Security Officer (CISO) is a core member of the executive leadership team, responsible for defining and driving enterprise-wide cybersecurity strategy. Reporting to the CEO, the CISO provides independent oversight of cyber and technology risk, while working in close partnership with the CTO to ensure secure, scalable, and resilient technology platforms.

In the initial phase, the role will focus on building the security governance model, embedding security into platform delivery, and preparing the organization for operational and regulatory readiness, with increasing ownership of steady-state security capabilities as the organization matures.

What You’ll Own

Executive Leadership & Governance

• Serve as the principal cybersecurity advisor to the CEO and Board
• Provide independent oversight of cyber and technology risks
• Establish governance and reporting frameworks for enterprise security
• Deliver board-level insights on threats, posture, and investment priorities

Strategic Partnership with CTO

• Partner closely with the CTO on secure architecture, platform scalability, and engineering priorities
• Co-own security aspects of technology strategy, including cloud, infrastructure, and platform modernization
• Embed security into engineering culture and decision-making without creating friction
• Act as a constructive challenger on technology risk, design, and resilience

Security Strategy & Transformation

• Define and execute a global cybersecurity roadmap aligned with business growth
• Lead initiatives such as Zero Trust, DevSecOps maturity, and automation
• Align cybersecurity investments with enterprise risk appetite
• Support the phased build-up of the organization’s internal security capability and operating model

Security Operations & Engineering

• Oversee the establishment and maturation of SOC, threat detection, and incident response across global operations
• Ensure protection of 24/7 mission-critical payment switching systems
• Implement advanced tooling (SIEM, SOAR, EDR) and monitoring capabilities
• Work with internal teams and delivery/service partners to strengthen operational security readiness

Risk, Compliance & Regulatory Engagement

• Own enterprise cyber risk management framework
• Ensure compliance with PCI-DSS, ISO 27001, SWIFT CSP, MAS TRM, BNM RMiT
• Serve as primary interface with regulators and auditors
• Lead audits, reviews, and remediation efforts
• Drive security readiness for operational go-live and ongoing control maturity

Product & Platform Security

• Embed security into SDLC and platform engineering (DevSecOps)
• Ensure secure architecture for APIs, switching platforms, and transaction flows
• Oversee third-party and supply chain security

Incident Response & Resilience

• Lead executive response to major cyber incidents
• Drive cyber resilience, BCP, and disaster recovery strategies
• Conduct simulations involving executive leadership
• Establish fit-for-purpose incident escalation and response processes as the organization transitions toward steady-state operations

Global Stakeholder Engagement

• Collaborate with CTO, CIO, Risk, Legal, and Compliance functions
• Represent the organization in industry and regulatory forums
• Build trust with partners, regulators, and customers

Who You Are

You are a leader who can balance strategic governance and hands-on execution, aligning security with innovation across global payment infrastructure.

What You Bring

• 15+ years in cybersecurity, with 7–10 years in senior leadership roles
• Proven experience in payments, banking, fintech, or critical infrastructure
• Experience partnering deeply with CTO/engineering organizations
• Experience building or maturing security capabilities in evolving or regulated environments would be an advantage

Technical & Domain Expertise

• Payment switching and real-time transaction systems
• Cloud, infrastructure, and application security
• Cryptography, HSMs, and key management
• Familiarity with PCI-DSS, ISO 27001, NIST, COBIT

You’ll Stand Out If You Have:

Regulatory Knowledge

• Experience with APAC regulatory frameworks:
• BNM RMiT
• MAS TRM
• Cross-border compliance and data protection
• Experience supporting security governance, audit readiness, and control implementation during platform build or transition phases would be beneficial

Leadership Profile

• Execution-focused and delivery accountable
• Strong governance and structured thinking
• Excellent stakeholder and participant coordination capability
• Calm leadership under complex multi-party environments