Head of IT and Security

**The Company** RightShip is the world's biggest third party maritime due diligence organization, providing expertise in global safety, sustainability and social responsibility best practices. We bring together years of industry expertise with the output from analytics and large data sets to provide our safety and environmental scoring systems, recommendations and consultancy services. Using leading data and technology, we aim to set new benchmarks in environmental protection. We support global initiatives and action influencing practical and impactful change, enabling "win-win" for business and the environment. **What we offer** We offer a place where you know you are contributing to an organization who are constantly working to ensure ships are safe as possible so that crew and cargo are protected. We are passionate about maritime efficiency, safety and sustainability practices. We offer generous rewards. Our base salary is competitive, we support employee wellbeing and provide our employees with a Healthy Living Allowance and our annual incentive scheme is awesome. We have some great talent who are happy to share their experience and skills to help you on your way and we are committed to professional development to make sure your career keeps growing while you're working with us. **What makes RightShip a great place to work at**: RightShip is an equal opportunity employer, and we champion diversity. Our teams are composed of individuals from different geographies, cultures, religions, ethnicities, races, genders, sexual orientations, abilities, and generations. We believe that a diversity of experiences makes us stronger—as individuals, as communities and as an organization. **Major Responsibilities** **IT Strategy and Leadership** Define and implement the global IT and cyber security strategy aligned with business objectives. Lead digital transformation initiatives to improve business efficiency and scalability. Provide information technology vision and leadership to senior management and key stakeholders. Contribute to enterprise strategic planning as part of the leadership team. **Cyber Security Governance** Develop and enforce cyber security policies, standards, and procedures and ensure the company is compliant with global frameworks and regional data protection regulations (e.g., SOC2, ISO 27001). **IT Operations and Service Delivery** Oversee day-to-day IT operations including infrastructure, cloud services, user support, and service desk. Ensure high availability and performance of business-critical systems (ERP, CRM, collaboration tools). Maintain strong vendor relationships and manage IT-related contracts and SLAs. **Infrastructure and Network Development and Maintenance** Direct and oversee infrastructure and its maintenance to ensure business requirements are met. **Information Security** Identify and drive recommendations for improvements and adoption of best practices to prevent any business impact of security incidents. **Cybersecurity Risk Management** Lead the enterprise cybersecurity risk management implementation, aligning risk activities with IT security standards, oversee risk assessments, audits, penetration testing, vulnerability management, incident response planning, and disaster recovery processes. **External Consultant or Contractor Engagement** Identify the requirement for, and participate in the selection of, external consultants or advisers to deliver projects and/or ad hoc services; ensure business objectives and requirements are clearly understood and monitor outcomes, taking appropriate remedial action where necessary. **Compliance and Audit** Lead audits and compliance reviews (internal and external). Maintain a security posture that protects intellectual property, customer data, and business continuity. **Stakeholder and User Engagement** Act as the primary point of contact for IT and security matters for internal stakeholders, external auditors, and regulators. Foster a user-centric culture and ensure the IT function supports operational efficiency across departments. Communicate technical risks and initiatives to non-technical stakeholders in business terms. **Continuous Improvement** Identify and evaluate emerging technologies to enhance business capabilities. Promote a culture of continuous improvement within the IT and security function. Lead initiatives in automation, cloud migration, and modern workplace solutions. **Budgeting** Own and manage the IT and cyber security budget, ensuring cost-effectiveness and return on investment. **Performance Management** Manage and report on performance within the department or area of responsibility; set appropriate performance objectives for direct reports and hold individuals accountable for achieving them; take appropriate corrective action where necessary to ensure the achievement of annual business objectives. **Qualifications, Skills and Experience** - Tertiary qualifications in Computer