Head of Security - Global Fintech Firm - APAC (Remote)

Our client, a global fintech firm, is actively seeking a Head of Security to join their team. The successful individual will have strong SaaS experience along with experience at SME's.

You will be responsible for defining and executing their global security strategy across enterprise (IT), production infrastructure (SaaS platform) and secure SDLC. You will lead efforts to safeguard their systems, data, and people, ensuring their platforms and operations remain compliant, secure, and scalable.

More about the role:

• Collaborate cross-functionally with engineering, compliance, and operations teams to build a robust security posture in alignment with international standards such as ISO 27001, SOC2 and local regulations.
• This position is ideal for someone with deep experience in security within large-scale SaaS environments and a passion for building secure, enterprise-ready solutions.
• Develop and execute global security initiatives across infrastructure, cloud platforms, SDLC, and application environments.
• Create security policies and controls aligned with ISO 27001, SOC2, and data privacy regulations (GDPR, PDPA), managing documentation and implementation.
• Lead cybersecurity incident monitoring, investigation, and response, including documentation processes.
• Partner with IT to design and oversee implementation of access management, endpoint, and network security controls.
• Develop zero-trust security architecture implementing least privilege, strong authentication, and continuous verification principles
• Monitor emerging cybersecurity threats, vulnerabilities, and industry trends to proactively evolve our security strategy and maintain a forward-looking defense posture.
• Manage security budget and resources, evaluating security tools and developing procurement strategy.
• Implement security best practices in the SDLC, including security architecture design, threat modeling, and DevSecOps.
• Coordinate security audits and certification readiness (ISO 27001, SOC2) with Tech Risk, Compliance, and Legal departments.
• Design security awareness programs to foster a strong security culture across the organization.
• Oversee physical security controls in collaboration with facilities management..

What you offer:

• 15+ years of experience in security roles, with at least 5 years in a leadership position within a SaaS or high-growth tech environment.
• Proven experience managing security programs across multiple global regions (US, EMEA, APAC).
• Strong understanding of security frameworks (ISO 27001, SOC2, NIST) and data privacy laws (GDPR, CCPA, PDPA, PIPL).
• Hands-on experience with cloud security (Azure, AWS), application security, and remote-first environment security.
• Experience designing and implementing zero-trust security architectures.
• Strong communication skills with proven ability to work cross-functionally in international environments.
• Demonstrated success leading security audits, risk assessments, and incident response programs.
• Industry-recognized security certifications (CISSP, CISM) and cloud security certifications.
• Experience with modern security technologies including cloud-native, container, and API security.
• Proficiency with security automation and DevSecOps methodologies.
• Experience supporting security assurance in enterprise sales and technical due diligence.
• Demonstrated success balancing business enablement with effective risk management.

The sell:

• Competitive compensation (including equity)
• Remote work flexibility
• Global visibility