Chief Security Officer, Singapore

Join the Pioneer Crypto Brand in the Philippines! Coins is the most established crypto brand in the Philippines and has gained the trust of more than 18 million users. Through the easy-to-use mobile app, users can buy and sell a variety of different cryptocurrencies and access a wide range of financial services. Coins is fully regulated by the Bangko Sentral ng Pilipinas (BSP) and is the first ever crypto-based company in Asia to hold both Virtual Currency and Electronic Money Issuer licenses from a central bank.

• Security Strategy & Governance

  Develop the company's long‑term and short‑term security strategy, security roadmap, and risk appetite, aligning with business development goals and global regulatory requirements. Establish and improve the company's security governance system, including security policies, standards, processes, and operating procedures, and promote the implementation and supervision of the entire company. Lead the formulation of security assessment indicators, conduct regular security risk assessments, security audits, and compliance reviews, and issue security reports to the CEO and board of directors. Coordinate cross‑departmental security work, promote the integration of security into product design, technology development, business operations, and other full business links (Shift‑Left Security).

• Cyber Security & Technical Defense

  Lead the construction and operation of the company's cyber security system, including network security, application security, endpoint security, cloud security, and blockchain security (on‑chain security, wallet security). Manage the Security Operations Center (SOC), establish real‑time monitoring, threat detection, and emergency response mechanisms, and promptly respond to cyber attacks such as phishing, DDoS, ransomware, data breaches, and on‑chain attacks. Promote security technology research and application, including AI‑driven threat intelligence analysis, automated vulnerability scanning, penetration testing, and security automation and orchestration (SOAR). Responsible for the security of the company's core systems (trading system, payment system, wallet system, user data system) to prevent system loopholes, data leaks, and malicious attacks.

• Asset & Physical Security

  Formulate and implement the company's asset security strategy, including the security management of digital assets (cold/hot wallet security, private key management, fund isolation, and anti‑theft mechanisms). Establish and manage the company's physical security system, including office areas, computer rooms, and data centers, covering access control, video surveillance, fire protection, and anti‑theft measures. Coordinate with third‑party security service providers such as security guards and security technology companies to ensure the physical security of the company's premises and assets.

• Security Compliance & Regulatory Alignment

  Ensure the company's security work complies with global regulatory requirements related to digital currency and payment services, including FATF recommendations, MiCA, local regulatory requirements for major markets such as Hong Kong SFC and US regulatory requirements, and data protection laws such as GDPR. Cooperate with the compliance team to complete security‑related compliance filings, audits, and inspections, and respond to regulatory inquiries and requirements. Establish security compliance training and awareness promotion mechanisms to improve the security compliance awareness of all employees.

• Security Incident Response & Crisis Management

  Develop and improve security incident emergency response plans, lead the handling of major security incidents such as data breaches, cyber attacks, asset theft, and security compliance incidents, and minimize losses. Conduct post‑incident reviews, root cause analysis, summarize experience, and optimize security systems and processes to prevent similar incidents from recurring. Manage security crisis public relations, coordinate with relevant departments to release information, and maintain the company's brand reputation and user trust.

• Team Building & Talent Development

  Build, manage, and develop the security team, formulate team OKRs and performance assessment systems, and cultivate a professional security talent echelon. Guide the professional growth of team members, organize security training and technical exchanges, and improve the team's overall security capabilities. Establish cooperative relationships with industry security organizations, security vendors, and regulatory authorities to track the latest security trends and technologies.

• Security Collaboration & Ecosystem Construction

  Collaborate with product, technology, operations, compliance, customer service, and other departments to integrate security requirements into business processes and product iterations. Establish security cooperation mechanisms with partners such as payment channels, liquidity providers, and custodians to ensure the security of the entire business ecosystem. Participate in industry security exchanges and standards formulation, and enhance the company's influence in the digital currency security field.

• Experience: 10+ years of information security and risk management experience, 5+ years of CSO or equivalent senior security management experience in compliant digital currency exchanges, payment institutions, or financial technology companies; deep understanding of the digital currency trading and payment business model, full business links, and security pain points.
• Professional Expertise: Proficient in cyber security, network security, application security, data security, blockchain security, and digital asset security management; familiar with global digital currency and payment security regulatory frameworks and compliance requirements; rich experience in security compliance audits and regulatory inspections; rich experience in security incident response, crisis management, and security system construction; able to guide technical team implementation of SOC, SIEM, vulnerability scanning, penetration testing, encryption technology, and wallet security technology.
• Regulatory & Compliance Awareness: Strong sense of compliance and risk control, able to accurately grasp global security regulatory trends, and ensure the company's security work meets regulatory requirements.
• Leadership & Management: Excellent leadership and team management capabilities, able to build and lead a high‑performance security team; strong cross‑departmental coordination and resource integration capabilities.
• Communication Skills: Excellent oral and written communication skills in both Chinese and English, able to effectively communicate with regulatory authorities, partners, and internal teams.
• Education: Bachelor’s degree or above in Computer Science, Information Security, Cybersecurity, Finance, Law, or related fields; professional certifications such as CISSP, CISM, CISA, CRISC, or ACAMS are preferred.

• Experience in license application and compliance operation for digital currency exchanges and payment institutions in major global markets such as Hong Kong, the United States, and the European Union.
• Rich experience in on‑chain security analysis, DeFi risk control, digital asset custody security, and anti‑money laundering practice in the crypto industry.
• Experience leading the handling of major cyber security incidents such as on‑chain attacks and data breaches in the crypto industry and having a complete incident handling and review system.
• Familiar with the latest global cyber security technologies and threat trends, and experience in promoting the application of innovative security technologies such as AI security and zero‑trust architecture.

Join the Coins Team Now! Meaningful Collaborations - The successful candidate will work cross‑functionally with other relevant teams to carry out implementations that will improve and create an impact on customer experience. Scalable Growth - Be part of a fast‑growing organization with the vision to expand its territories outside APAC which will provide opportunities for career advancement. A Space For Bright Ideas - Let your bright ideas be converted into meaningful changes! Coins culture welcomes new ideas backed up by data to create an impact.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.