Business Information Security Officer - APAC

The Business Information Security Officer (BISO) for APAC acts as the delegate of the IBKR CISO, supporting affiliates in Australia, Japan, Singapore, India, and other APAC countries. This role ensures IBKR Group security policies and controls are implemented, informed by regional laws and regulations, and responsive to client needs. Key responsibilities include maintaining security policies, ensuring regulatory compliance, tracking remediation activities, and serving as a cybersecurity liaison with regulatory bodies and stakeholders.

Must Have

• Maintain information security policies, standards, and procedures for IBKR APAC affiliates in line with the IBKR Group policies.
• Ensure that all regulatory guidance and requirements pertinent to cybersecurity in the APAC region are properly reflected in the policies and supported by relevant and effective controls.
• Facilitate the implementation of policies, standards, and procedures, and track compliance as part of the Group-wide policy and controls assurance effort.
• Maintain a security risk register and track corresponding remediation activities.
• Serve as a cybersecurity liaison with regulatory bodies, supervising authorities, external auditors, clients, and other stakeholders in the region.
• Support and inform regional affiliates’ executive management and boards of directors on matters of cybersecurity.
• Support internal and external cybersecurity audits and assessments.
• Contribute to security initiatives at the Group level as may be required.
• Minimum of 7 years of Information Security experience.
• Experience working for a global firm in a highly regulated industry, preferably financial sector.
• Strong understanding of cybersecurity concepts and technologies.
• Familiarity with pertinent cybersecurity and data protection requirements and regulations for the financial industry.
• Familiarity with common security frameworks and standards, including NIST Cybersecurity Framework, ISO/IEC 27001:27013, CIS CSC.
• Prior experience in at least one of the following technology areas: Application development, Network engineering or operations, System administration, Database management.
• Superior analytical abilities and problem-solving skills.
• Excellent verbal and written communication skills.
• University Degree in Information Technology, Computer Science or related field.

Perks & Benefits

• Competitive salary package.
• Performance based annual bonus (cash and stocks).
• Hybrid working model (3 days office/week).
• Group Medical & Life Insurance.
• Modern offices with free amenities & fully stocked cafeterias.
• Monthly food card & company paid snacks.
• Hardship/shift allowance with company provided pickup & drop facility.
• Attractive employee referral bonus.
• Frequent company sponsored team building events and outings.

The Business Information Security Officer (BISO) for the Asia-Pacific region (APAC) acts as the delegate of the IBKR Chief Information Security Officer (CISO) in support of IBKR affiliates and branches in Australia, Japan, Singapore, India, and other APAC countries where IBKR operates, and ensures that IBKR Group security policies and controls are properly implemented and suitably informed by relevant regional laws and regulations, as well as remain responsive to regional clients’ needs.

Key Responsibilities:

• Maintain information security policies, standards, and procedures for IBKR APAC affiliates in line with the IBKR Group policies.
• Ensure that all regulatory guidance and requirements pertinent to cybersecurity in the APAC region are properly reflected in the policies and supported by relevant and effective controls.
• Facilitate the implementation of policies, standards, and procedures, and track compliance as part of the Group-wide policy and controls assurance effort.
• Maintain a security risk register and track corresponding remediation activities.
• Serve as a cybersecurity liaison with regulatory bodies, supervising authorities, external auditors, clients, and other stakeholders in the region.
• Support and inform regional affiliates’ executive management and boards of directors on matters of cybersecurity.
• Support internal and external cybersecurity audits and assessments.
• Contribute to security initiatives at the Group level as may be required.

Qualification & Skills:

• Minimum of 7 years of Information Security experience
• Experience working for a global firm in a highly regulated industry, preferably financial sector
• Strong understanding of cybersecurity concepts and technologies
• Familiarity with pertinent cybersecurity and data protection requirements and regulations for the financial industry
• Familiarity with common security frameworks and standards, including NIST Cybersecurity Framework, ISO/IEC 27001:27013, CIS CSC
• Prior experience in at least one of the following technology areas:
• Application development
• Network engineering or operations
• System administration
• Database management
• Superior analytical abilities and problem-solving skills
• Excellent verbal and written communication skills
• University Degree in Information Technology, Computer Science or related field.