Alaya is a place where dreams take shape and grow. Originally founded as Home Loan Experts in 2007, the company expanded its reach by establishing HLE Nepal in 2012, which later rebranded to Alaya. This transformation signifies Alaya's unwavering commitment to supporting not only its customers and clients but also its community and colleagues. Alaya goes beyond being a mortgage industry leader, offering a boundless place of limitless potential where individuals can dedicate their hearts, flourish, and shine. Alaya redefines the power of place, becoming "Your Place" to dedicate your heart, to flourish, and to shine.
Alaya and Home Loan Experts offer more than mortgage expertise; it's a place where you can thrive. Here, we value Passion, Care, and Oneness, caring deeply for our team and embracing unity. Together, the Alaya team operates as one, united in their mission to help people realise their dreams.
Who you areWe're looking for a seasoned Cybersecurity & IT Operations Lead to own and elevate our security posture and IT operations. This is a one-year contractual position with strong intent to extend for the right person. This high-impact hybrid role blends cybersecurity leadership with management of IT service delivery.
You'll hold central accountability for our ISO 27001 certified ISMS, lead and mentor a team supporting operations across Nepal and Australia, and work closely with colleagues in Sydney. You'll inherit a functioning ISMS operating model and a team already in place; your job is to run it, strengthen it, and make sure nothing slips.
This is your chance to build a resilient, secure, and scalable tech environment that empowers every part of our business to thrive.
You're someone who is...- A strategic thinker with a hands-on mindset
- Calm under pressure and energised by solving complex challenges
- Driven to hold people and processes to standard across teams you don't directly manage, and quick to spot gaps before they slip
- Passionate about cybersecurity trends and continuous improvement
- Fluent in translating tech issues into actionable business insights
- Own and manage our ISO 27001 certified ISMS
- Lead risk assessments, threat analysis, and information security incident review and response
- Take a joint lead in ISO audits and drive security controls and improvements across the organisation
- Set security standards for the technology we build in-house, including our AI systems, and for the third-party tools and vendors we adopt
- Lead the team operating our EDR, firewalls, IAM, and access controls
- Deliver security awareness training and foster a security-first culture
- Oversee daily IT support/helpdesk operations and SLAs
- Own our multi-office network setup, architecture, and connectivity, including firewalls, bandwidth, and ISP management, delivered through your team
- Manage IT assets, procurement, vendors, and SaaS systems (Google Workspace, M365, VoIP, etc.) in partnership with the Administrative team
- Optimise ITSM processes and support disaster recovery and business continuity
- Lead and mentor your IT and security team, delegating clearly and engaging them in ISMS work
- Align cybersecurity and IT strategies with business goals
- Report on risks, metrics, and progress to leadership and the ISMS Steering Committee
- Drive upskilling and performance initiatives across your team
- Bachelor's or Master's in Computer Networking, IT Security, Cybersecurity, or a related field, or equivalent practical experience
- 5 to 8 years' experience in cybersecurity and IT operations roles, including team leadership
- Hands-on expertise with ISO 27001, ISMS, EDR/XDR tools, cloud, and networks
- Proven ability to hold people and processes to standard across teams you don't directly manage
- Strong track record in managing IT service delivery and operational KPIs
- Relevant certifications such as ISO 27001 Lead Implementer or Auditor, Security+, or ITIL are an advantage
- A Passion-Driven Environment: Work with a team that's passionate about what they do and driven to succeed.
- Care for You: We prioritise your well-being, offering a supportive and inclusive workplace culture.
- Oneness in Diversity: Be part of a diverse team where every voice is heard and valued. Together, we celebrate our successes and grow stronger as one.
- Comprehensive Benefits:
- Five Working Days (Mon-Fri)
- Complimentary full breakfast
- Working with cross-cultural teams across Australia and Nepal
- Medical and accidental insurance coverage for you and two beneficiaries.
- Exclusive Leaves:
- 18 days of paid annual leave.
- 12 days of paid sick leave.
- 1 day floating leave
- 4 months of paid maternity leave.
- 1 month of paid paternity leave.
- 13 days of paid public holidays (Extra 1 day for female employees)
- Various exclusive bonuses, including profit, festival, and book reading bonus
- Employee Assistance Program (EAP) for work-based counselling.
- Employee engagement and well-being activities and events.
- Educational discounts through partnerships with various top colleges.
- Continuous learning and development opportunities
- Monthly and Quarterly Awards and Recognition
- Employee referral bonus for recommending new hires.
- Customer Referral - Refer your friends and relatives in Australia to use our services, and we'll reward you!
Work hours: 7 AM - 3 PM
Our office premises are open, and we'd be delighted to welcome you to work with us on-site if you're hired!
Disclaimer: By submitting your job application, you are consenting to the retention of your personal data in our database for recruitment purposes. Your data will be held securely and will only be accessible to authorized personnel.
Skills Required
- Bachelor's or Master's in Computer Networking, IT Security, Cybersecurity, or related field, or equivalent practical experience
- 5 to 8 years' experience in cybersecurity and IT operations roles, including team leadership
- Hands-on expertise with ISO 27001 and operating an ISMS
- Hands-on expertise with EDR/XDR tools
- Hands-on expertise with cloud platforms and enterprise networks
- Experience operating and managing firewalls, IAM, and access controls
- Proven ability to enforce processes and standards across teams you don't directly manage
- Strong track record managing IT service delivery, SLAs, and operational KPIs
- Experience with Google Workspace, Microsoft 365, VoIP, and other SaaS systems
- Experience optimizing ITSM processes and supporting disaster recovery and business continuity
- Experience leading audits, risk assessments, incident response, and delivering security awareness training
- Certifications such as ISO 27001 Lead Implementer/Auditor, Security+, or ITIL
What We Do
Redefining the finance outsourcing experience through you. Alaya (formerly HLE Nepal) is your place to shine.







