Head of IT Security @istoxexchange


Full time


Jan 15

Here at iSTOX, we believe in a world where capital flows freely and efficiently so that economic participation is seamless, frictionless and meaningful.

iSTOX is the world’s first fully regulated capital markets platform in any major financial centre to feature the issuance, custody and trading of digitised securities. We are fully regulated by the Monetary Authority of Singapore and our key investors include Singapore Exchange and Heliconia (a fully owned subsidiary of Temasek). Combining the power of distributed ledger technology (DLT) and smart contracts with an innovative business model, iSTOX brings private capital markets into the 21st century. By allowing buyers and sellers to connect directly, iSTOX removes longstanding barriers that have prevented a far greater pool of investors from access to private market opportunity.

Named the Most Innovative Fintech by Global Brands, we are pushing the forefront of what capital markets of the future should look like, and you will be part of realising this in your own way. You will be part of a team that is committed to building a regulated, transparent and community-driven platform, to give everyone equal access to financial markets.

We are seeking a Head of IT Security to be part of our team. This position will report to the Head of Technology and will own the overall IT security strategy of the company. 


  • Design and execute the overall IT security strategy and frameworks, including governance, risk and compliance
  • Be responsible for overall security of critical systems and services, including cloud security
  • Own our security infrastructure and policies, perform risk analysis
  • Review IT security architecture
  • Perform internal IT Security audits on business processes, infrastructure, data privacy etc
  • Work closely with internal and external stakeholders to understand and put in place robust IT security policies, processes and tools
  • Project management, coordination with internal stakeholders and external auditors, audit reports and remediation with management
  • Provide advisory on security threats and vulnerabilities and recommend resolutions
  • Security Incident response management reporting, support and solution implementation 
  • Work with partners and vendors to ensure compliance of security requirements in an FI environment
  • Development of content and approval of policies within the data security and privacy program
  • Oversee information security awareness, data privacy and related training for employees


  • Degree in IT / Engineering or technology preferred
  • In-depth knowledge of IT Security and Governance, Risk Management and Compliance requirements and practices
  • 10+ years of experience in the various security disciplines (e.g., Data Security, Privacy program and policy, information security, information governance, incident response, information security, training and awareness, etc.)
  • Knowledge of regulatory requirements related to Privacy, including but not limited to MAS, GDPR, HIPAA, CCPA and the NIST standards or equivalent
  • Hands-on experience and knowledge on cloud security a strong advantage
  • Relevant Industry Certifications such as CISSP, CISA, CISM, ISO 27001, PCI QSA or equivalent are a must
  • Effective communicator with strong influencing and stakeholders’ engagement skills
  • Pro-active with multi-tasking capacities, and comfortable to work hands-on as an individual contributor or member of a larger team
  • Good people management skills to drive team in meetings and achieving high performance result or project goals

Apply for this position


Your application has been successfully submitted.

Please fix the errors below and resubmit.

Something went wrong. Please try again later or contact us.

Personal information




More Choices, Better Opportunites.

Apply for this position