Chief Information Security Officer

**Job Description - Chief Information Security Officer (CISO)**

**About the Role**

We are seeking an experienced **Chief Information Security Officer (CISO)**with proven expertise in **regulated Digital Payment Token (DPT) environments**to lead the cybersecurity and data privacy strategy of our client’s trading platform. This role will be pivotal in ensuring the resilience, security, and compliance of our operations under the **Monetary Authority of Singapore (MAS) requirements**, while driving a culture of security-first across the organization.

The CISO will oversee **cybersecurity strategy, governance, operations, incident response, and data privacy**, ensuring strong alignment with regulatory expectations, business goals, and client trust.

**Key Responsibilities**

**Cybersecurity Leadership & Strategy**
- Define and execute the **local cybersecurity and data privacy strategy**, ensuring alignment with global policies and regulatory requirements.
- Act as the **primary security authority**for the Singapore entity licensed under the **Payment Services Act (PSA) for Digital Payment Tokens (DPT)**.
- Establish, maintain, and continuously improve the **Information Security Management System (ISMS)**in compliance with MAS guidelines, ISO 27001, NIST, and other relevant frameworks.

**Risk Management & Compliance**
- Oversee **cyber risk assessments, threat modeling, and vulnerability management**.
- Ensure compliance with **MAS Technology Risk Management (TRM) Guidelines**, **Outsourcing Guidelines**, and **AML/CFT security expectations**.
- Liaise with regulators (e.g., MAS) on cybersecurity matters, inspections, and audits.
- Maintain strong knowledge of **crypto and fintech regulatory environments**, including emerging requirements in Singapore and other jurisdictions.

**Security Operations & Incident Response**
- Lead **Security Operations Center (SOC)**activities, threat intelligence, monitoring, and response.
- Develop and maintain **incident response playbooks**, ensuring rapid detection, containment, and recovery from cyber threats.
- Oversee data protection controls, including **encryption, DLP, and access management**.
- Drive adoption of **secure by design principles**across product development and trading platform architecture.

**Data Privacy & Protection**
- Ensure compliance with the **Personal Data Protection Act (PDPA)**and global privacy frameworks (e.g., GDPR).
- Oversee **data classification, handling, retention, and cross-border data transfer policies**.
- Conduct privacy impact assessments (PIAs) and support the business in privacy-by-design initiatives.

**Stakeholder Management & Leadership**
- Partner with Product, Engineering, Compliance, and Risk teams to balance security with business agility.
- Advise the Board and Executive Leadership on cyber risks, KPIs, and KRIs.
- Build and mentor a **local cybersecurity and privacy team**, while coordinating with global security teams.
- Promote **security awareness training and culture**across the organization.

**Requirements**:

- Proven experience as a **CISO, Head of Information Security, or equivalent senior cybersecurity leadership role**.
- Prior experience working in a **regulated Digital Payment Token (DPT) / trading platform**under the **Payment Services Act (Singapore)**.
- Deep knowledge of **MAS TRM Guidelines, Payment Services Act (PSA), AML/CFT requirements**, and data privacy laws (PDPA, GDPR).
- Strong understanding of **blockchain, crypto custody, wallets, key management, and trading systems security**.
- Hands-on expertise in:

- Cybersecurity frameworks: ISO 27001, NIST, CIS Controls.
- Security technologies: SIEM, SOC, IAM, EDR, DLP, encryption.
- Cloud and container security (AWS, Kubernetes, DevSecOps).
- Strong communication and stakeholder management skills, with the ability to engage regulators, executives, and engineering teams.
- Professional certifications such as **CISSP, CISM, CISA, CRISC, CCISO**or equivalent.
- Bachelor's degree in Computer Science, Information Security, or related field (Master’s degree preferred).

**Preferred Attributes**
- Experience scaling security programs in **fast-paced crypto, fintech, or trading environments**.
- Ability to anticipate regulatory trends and proactively prepare compliance strategies.
- Strong leadership skills with the ability to **build and grow local cybersecurity teams**.
- Strategic thinker with hands-on capability when required.

Tech Aalto Pte Ltd | 24S2130 EA

Pushpanjli Kir | R1657306.