Cybersecurity Officer

At Toku, we create bespoke cloud communications and customer engagement solutions to reimagine customer experiences for enterprises. We provide an end-to-end approach to help businesses overcome the complexity of digital transformation in APAC markets and enhance their CX with mission-critical cloud communication solutions. Toku combines local strategic consulting expertise, bespoke technology, regional in-country infrastructure, connectivity and global reach to serve the diverse needs of enterprises operating regionally.   

As we continue creating momentum for our products in the APAC region and helping customers with their communications needs, We are seeking a highly skilled and dedicated Cybersecurity Officer to join our team. The ideal candidate will be responsible for ensuring the security and integrity of our organization's information systems and data. This role involves developing and implementing security policies, conducting risk assessments, and leading incident response efforts. 

This role offers broad exposure over a number of information security aspects, including GRC, InfoSec, Cybersecurity and more. In addition, you be part of a new and growing security function at Toku, and will be highly visible across stakeholders and teams, liaising regularly with senior architecture, development, cybersecurity and network stakeholders both in-house and externally. Join us as we strengthen our security posture, inspire a culture of compliance, and drive our organization towards a secure and resilient future.  

What would you be doing?   

• Identify and evaluate existing security risks, both in-house and on client projects, and implement enhancements. 

• Develop and implement comprehensive cybersecurity policies and procedures. 

• Formulate and institute robust policies, procedures, and standards for secure technology utilization. 

• Provide Information Security advisory services, focusing on cybersecurity strategy and governance. 

• Attend client site meetings, answering clients’ risk management and security questions and addressing / reporting security concerns.  

• Conduct regular risk assessments to identify and mitigate potential security threats. 

• Develop risk management strategies and implement appropriate security measures. 

• Lead the organization’s incident response efforts, including detection, investigation, and remediation of security incidents. 

• Design and implement security architecture for new and existing systems. 

• Ensure the security of software development lifecycle (SDLC) and CI/CD processes. 

• Collaboratively work with security vendors for incident response and alerts monitoring. 

• Identify acceptable levels of residual risk and assist with action plans, policy, and procedural changes for risk mitigation.  

• Ensuring audit trails, system logs and other monitoring data sources are reviewed periodically and follow and adhere to regulatory policies. 

• Stay up to date on latest security trends and standards, conduct research on security improvements and provide recommendations to clients and stakeholders. 

• Proactively manage and report on security findings, ensuring timely communication and follow-up with the client on mitigation or resolution efforts. 

We would love to hear from you if you have:  

• A degree in a reputable university.  

• Proven experience in cybersecurity, with strong understanding of security requirements analysis, testing, and validation processes. 

• Professional information security certifications such as CISSP, CompTIA Security+, AWS Security Certifications, or equivalent are a bonus for this role. 

• Confidence in presenting, with strong verbal and written business communication skills, and the ability to educate a non-technical audience about various security measures.  

• Excellent analytical skills and attention to detail. 

• In-depth knowledge of cybersecurity principles, practices, and technologies. 

• Strong understanding of risk management and incident response processes. 

• Familiarity with industry standards and regulatory requirements (e.g., ISO27001, SOC2, GDPR). 

• Experience with security monitoring tools and technologies. 

• Bachelor’s degree in Computer Science, Information Technology, or a related field. 

• Relevant certifications such as CISSP, CISM, or CEH. 

• Knowledge of current cybersecurity threats and trends. 

If you would love to experience working in a start-up growing at an accelerated speed, and you think you tick most of the requirements, join us!