Regional Cyber Security Lead

Roles & Responsibilities

Position Objective

Cognita is a global leader in independent education. Founded in 2004, we are a growing community of 100+

schools in 16 countries - in Europe & North America, Latin America, Asia and the Middle East - serving more

than 85,000 students. Each of our schools are proudly unique, however our collective purpose is to create an environment where everyone can, 'Thrive in a rapidly evolving world'.

As part of our global cyber security initiatives, we are seeking a Regional Cyber Security Lead (Senior Manager) based in our Singapore Regional office to support the Asia region. Reporting to the UK based Group Manager of Cyber Governance Risk and Compliance, with operational reporting to our Regional IT Director for Asia, the Regional Cyber Security Lead will ensure the effective communication, implementation, and adherence to cyber securitypolicies and best practices across Asia. You will lead regional incident response efforts, help regional and

local teams implement security controls, provide assurance of control implementation, and ensure

compliance with organisational policies. This role requires collaboration with diverse stakeholders,

contributing to reporting and assurance activities for both regional and global teams. There will be a travel requirement associated with this role (around 20-30%) within Asia.

Key Accountabilities

Regional Expertise and Leadership

• Develop a deep understanding of the region and its unique country-level differences, staying informed on new technologies, regulatory changes, and industry best practices as you lead and oversee cyber security initiatives for the region.

Incident Response

• Develop and implement regional incident response plans, ensuring alignment with Group Policy and best practices.
• Lead regional incident response efforts, coordinating with local IT and security teams to ensure the effective handling of security incidents.
• Act as the primary liaison between Regional Teams and Group Cyber Security during major incidents which may involve engagement with local regulators.

Implementation of Security Best Practices

• Support local IT teams in implementing security good practices based on Group policies, NIST CSF 2.0 framework, and local regulatory requirements.
• Regularly review security controls and configurations, recommending improvements to strengthen the regions security posture.

Assurance and Compliance

• Lead assurance activities to ensure compliance with security policies, standards, controls, and operational procedures, conducting regular reviews and audits.
• Assist in ensuring the region meets all regulatory requirements related to cyber security.

Reporting and Metrics

• Develop and maintain key risk and performance indicators (KRIs and KPIs) as guided by Group Cyber Security to monitor the regions security programme.
• Contribute to group-level reports, providing insights into the region's security posture for senior leadership.
• Provide the Asia Leadership Team with regular updates on cyber security progress at the school and regional levels

The Key Accountabilities listed above are not exhaustive and may be varied from time to time as dictated by the changing needs of Cognita. In this case, any significant changes or variations will be consulted with the post holder before undertaking these responsibilities.

Security Awareness and Training

• Support and lead regional security awareness initiatives, delivering tailored training to improve security culture and readiness.
• Ensure staff are informed of emerging threats and best practices for mitigation.

Cross-Functional Collaboration

• Build strong relationships with regional IT, operations, and business teams to foster collaboration on cyber risk management.
• Work closely with Group Cyber Security to ensure alignment with global initiatives.

Remediation and Transformation

• Drive remediation efforts for identified vulnerabilities, ensuring timely and effective action.
• Support broader security transformation initiatives to improve the regions cyber maturity in line with Group strategy.

Safeguarding Responsibilities

Cognita Schools are committed to safeguarding and promoting the welfare of children and young people and expects all staff, volunteers and other third parties to share this commitment. Safer recruitment practice and pre-employment background checks will be undertaken before any appointment is confirmed.

• To comply with safeguarding policies, procedures and code of conduct
• To demonstrate a personal commitment to safeguarding and student/colleague wellbeing
• To ensure that any safeguarding concerns or incidents are reported appropriately in line with policy
• To engage in safeguarding training when required

Person Specification

Essential Skills & Experience

• Ability to implement security controls, policies, and mitigation strategies within agreed budgetary guidelines and operational constraints.
• Strong working knowledge of cyber security good practices, including incident response and risk management
• Knowledge and experience working with common security management frameworks such as NIST, CIS etc.
• Experience coordinating and communicating penetration tests
• Strong analytical skills with excellent attention to detail
• Ability to plan strategically and implement positive change that is operationally sustainable.
• Ability to prepare and deliver clear reports and presentations to senior management, including the ability to clearly articulate cyber security risk to the business.
• Proficiency in using Microsoft Office applications (Word, Excel, PowerPoint)
• Excellent communication skills in English both written and verbal
• Minimum of 7 years' experience in a cyber security or GRC role, preferably within an international organisation.
• Proven ability to implement and support security best practices across regional and local teams
• Experience developing and tracking security metrics (KRIs and KPIs)
• Proven ability to manage and respond to cyber incidents effectively within the region.

Desirable Skills & Experience

• Familiarity with cyber security tools (e.g., SIEM, DLP, IDS/IPS)
• Experience working with Power BI
• Experience supporting internal and external audits and negotiating control improvements
• Good knowledge and understanding of the regulatory frameworks in the Asian countries where we operate.
• Experience coordinating major security incident response processes
• Experience managing security due diligence and integration for M&A activities
• Experience working within the education sector or a similar customer centric industry like Healthcare etc.
• Experience working in decentralised global or international business models.

Qualifications

• Relevant degree or diploma in Information Security, IT, or a related field and or;
• Relevant certifications related to information security or GRC (e.g., CISA, CISSP, CRISC)

Terms of Employment

• Based in Singapore Regional Office with hybrid work arrangement
• Official work hours: Mondays to Fridays from 9am to 6pm
• Flexibility for extended work hours to accommodate Global team based in UK as required

At Cognita how we achieve our goals is as important as what we do. Behaving in line with our values is essential to performing effectively at Cognita.

• Excellence: We aspire to achieve excellence in everything we do, no matter how big or small.
• Collaboration: Together, we are more aligned and more effective.
• Respect: We treat all with fairness, compassion and respect.
• Integrity: We do what we say we will do.

Accountability: We have a clear sense of what is expected of us, and we do our utmost to deliver, taking our responsibilities as educators seriously.

Ability to travel up to 30% in the first year (to embed security policies and practices), and also at short notice when required (to assist with local cyber incidents)

Key Stakeholders

Internal - Group IT Director, Regional IT Director, Heads of Schools, Asia Executive Team members, Regional Colleagues, Managing Directors of Operations, Group IT Senior Leadership Team, Cyber Security Teams, Other Group IT Teams, Regional and School based IT Teams, Legal.

External - Cyber Security Vendors, Partners & Third Parties, Regulators.

For interested applicants, please submit your applications to: https://cognitapeople.csod.com/ux/ats/careersite/1/home/requisition/480?c=cognitapeople&source=MyCareersFuture

Tell employers what skills you have

Background Checks
Excellent Communication Skills
Information Security
Leadership
Remediation
Cyber Security
Healthcare
Assurance
Risk Management
Security Management
Compliance
Accountability
Cyber Risk Management
CISA
Security Awareness
CISSP

---