About Aqovia:

At the Intersection of Innovation and Impact, introducing Aqovia. Aqovia is an international technology firm dedicated to creating tangible value through the power of AI, data-driven, and bespoke software solutions and services.

Our unique approach extends beyond traditional service and solutions delivery, we strategically invest in and nurture a diverse portfolio of promising companies operating across vital sectors including; financial services, health, infrastructure management, sustainability, education, and business intelligence.

This commitment to fostering innovation across a broad spectrum allows Aqovia to stay at the cutting edge, delivering transformative solutions and creating significant impact. For our clients and strategic partners.

Job Description:

Aqovia is seeking a Security Officer to lead and enhance our Information Security Management System (ISMS) and strengthen our global security posture. This role is responsible for ensuring compliance and accreditation with relevant international security standards and frameworks.

You will oversee security governance, risk management, and operational security processes, ensuring the protection of our platforms, data, and services, including fintech and cloud-based solutions used across our client base.

As Aqovia continues to scale, this role will naturally evolve with the organisation. The successful candidate will have the opportunity to grow into expanded leadership responsibilities, with potential progression toward a CISO-level or equivalent senior security leadership position as our security function matures.

Key Responsibilities:

• Oversee the organisation’s security infrastructure, governance, and operational security across all operating territories (currently Pakistan, UAE, and UK), including all client engagements. 

• Author, review, and maintain comprehensive security policies, procedures, and standards aligned to recognised frameworks such as ISO 27001, NIST CSF and OWASP ASVS..

• Conduct regular risk assessments, audits, monitoring and compliance reviews and reports to meet international and regional regulatory expectations.

• Perform security awareness training for employees including during both onboarding and on an ongoing basis.

• Ensure achievement and renewal of all necessary security accreditations including ISO 27001, Cyber Essentials and PCI-DSS.

• Manage corrective action plans and lead remediation efforts for identified security risks. 

• Perform due diligence for supply chain and vendor security, including third-party risk assessments for partners in Pakistan, UAE, and the UK. 

• Produce SOC2 reports.

• Collaborate closely with engineering, delivery, and client teams to improve overall security maturity and awareness across the organisation with a DevSecOps approach.

• Monitor emerging cybersecurity threats, technologies, and compliance requirements to proactively enhance the security framework. 

• Support security requirements for cloud, SaaS, fintech, and platform-based deployments across multiple markets.

Qualifications:

• Significant experience in information security, ideally in fintech, telecom, digital platforms, or technology services. 

• Proven experience implementing ISO27001 and securing accreditation in an agile software development environment.

• Familiarity with, and commitment to, a DevSecOps approach to software security..

• Demonstrate understanding of cyber security frameworks such as NIST CSF or Cyber Essentials and web application security frameworks such as OWASP ASVS..

• Strong knowledge of assurance and auditing frameworks, especially SOC2. 

• Demonstrated experience in developing and maintaining information security policies and operational security procedures. 

• Experience leading risk management initiatives and managing corrective action plans. 

• Familiarity with third-party risk management and supply chain security. 

• Strong stakeholder management and the ability to partner effectively with cross-functional and international teams. 

• Professional certifications such as CISSP, CISM, CISA, CRISC, or ISO 27001 Lead Implementer/Auditor are preferred. 

• Broad technical understanding across Cloud, SaaS, SDLC, Identity & Access Management (IAM), networking, and vulnerability management.

Skills:

• Excellent communication skills, with the ability to articulate risk and security concepts to both technical and non-technical audiences. 

• Strong analytical, investigative, and problem-solving abilities. 

• Ability to work collaboratively and lead initiatives in a fast-paced, multi-regional environment. 

• High level of integrity, discretion, and professionalism in handling sensitive information.

 
Joining Aqovia means:

• Making a real difference: You'll be part of a team developing solutions that empower businesses while contributing to sustainable practices.

• Growth opportunities: We invest in our employees' development and offer a path for career advancement.

• Collaborative culture: We value teamwork, open communication, and a supportive environment.

• Competitive benefits package: TBC and discussed with the talent team

If you're a problem-solver who thrives in a fast-paced environment and shares our commitment to positive impact, we encourage you to apply!

Equal Opportunity Employer:

At Aqovia, we believe in the strength of diversity. We strive to reflect the varied markets we serve and foster an inclusive culture where everyone feels welcome, valued, and empowered to be their authentic selves. As an equal opportunity employer, we are committed to embracing all forms of diversity across our organisation.