RemoteLeaf Logo
Log in Sign up

Head of Information Security (APAC)

1 hour, 2 minutes ago
Asia
Full-time
Lead
Security Engineer
Cybersecurity
Cybersecurity DevSecOps Network Security
Apply Now
Alpaca

Alpaca

Alpaca is a developer-first API for stock and crypto trading, offering easy-to-use APIs for building apps and trading algorithms.

Capital Markets
51-250
Founded 2015
$87M raised
View All Jobs 9

Description

  • Manage Alpaca’s APAC information security program.
  • Interpret regional regulatory requirements and translate them into security controls.
  • Serve as the APAC security compliance and regulatory expert.
  • Align security efforts with Global Security, Legal, and Compliance on financial services and data protection regulations.
  • Lead risk identification, assessment, and mitigation for cloud infrastructure, APIs, and trading systems.
  • Maintain and evolve regional risk registers, reporting, and governance processes.
  • Partner with Engineering on secure-by-design cloud-native infrastructure and architecture reviews.
  • Provide guidance on IAM, network security architecture, Secure SDLC, and infrastructure hardening and monitoring.
  • Lead and support regulatory exams, audits, and assessments.
  • Develop, localize, and maintain regional security policies, standards, and procedures.

Requirements

  • 6+ years of experience in information security, cybersecurity, or GRC, preferably in fintech or financial services.
  • Fluent in Japanese and English, both written and verbal.
  • Strong understanding of cloud security, application security, infrastructure security, and risk management frameworks.
  • Experience with security and compliance frameworks such as ISO 27001 and SOC 2.
  • Direct experience supporting regulatory requirements in Japan, such as APPI and FSA, and/or broader APAC regulations.
  • Proven experience handling audits, regulatory exams, or compliance programs.
  • Ability to work cross-functionally with engineering, product, and compliance teams.
  • Strong communication skills with the ability to translate technical risks into business impact.
  • Experience in brokerage, trading platforms, or financial infrastructure is preferred.
  • Experience with data privacy regulations such as APPI and GDPR is preferred.
  • Security certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Implementer/Auditor are preferred.
  • Experience building or scaling regional security programs is preferred.
  • Exposure to DevSecOps practices and modern cloud-native architectures is preferred.
  • Familiarity with AI/ML risk considerations in financial systems is preferred.

Benefits

  • Competitive salary with stock options.
  • Health benefits.
  • One-time USD $500 new hire home-office setup stipend.
  • Monthly USD $150 stipend via Brex Card.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Shakepay

Ingénieur logiciel senior, Risque

Shakepay 51-250 Diversified Financial Services

Shakepay is hiring a Senior Software Engineer, Risk to help design and evolve the core risk systems that protect customers, the company, and the broader financial ecosystem in Canada.

Canada Full-time Senior Backend Engineer Security Engineer
$130k-$173k
AWS Datadog Kafka Kubernetes Node.js System Design
2 minutes ago
JustMarkets

IAM Security Engineer

JustMarkets 1-10 Capital Markets

IAM Security Engineer at a company focused on securing identity and access across cloud, SaaS, and internal systems through practical Zero Trust controls.

Europe Full-time Mid Level Security Engineer
Bash PowerShell Python SAML
2 minutes ago
Galaxy

VP, Security Engineering (Data Centers)

Galaxy 251-1K Capital Markets

Galaxy is hiring a Security Engineer to run and improve SOC operations for its data center environment, supporting security monitoring, incident response, and automation across cloud and on-prem systems.

United States Full-time Executive Security Engineer
AWS Azure Bash CI/CD CrowdStrike Git Linux PowerShell Python Splunk
17 minutes ago
Unlimited Technology

Security Technician 

Unlimited Technology 51-250 Professional Services

Unlimited Technology is hiring a Full-Time Security Installation Technician to install, program, troubleshoot, and maintain access control and IP camera systems at client sites.

United States Full-time Mid Level Security Engineer
$60k-$90k
32 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers