Chief Information Security Officer – Indonesia

Binance


Job Location:

Jakarta - Indonesia

Monthly Salary: Not Disclosed
Posted on: Yesterday
Vacancies: 1 Vacancy

Job Summary

Binance is a leading global blockchain ecosystem behind the worlds largest cryptocurrency exchange by trading volume and registered users. We are trusted by 300 million people in 100 countries for our industry-leading security user fund transparency trading engine speed deep liquidity and an unmatched portfolio of digital-asset products. Binance offerings range from trading and finance to education research payments institutional services Web3 features and more. We leverage the power of digital assets and blockchain to build an inclusive financial ecosystem to advance the freedom of money and improve financial access for people around the world.

We are seeking an experienced and strategic Chief Information Security Officer (CISO) to lead our cybersecurity operational resilience and regulatory compliance initiatives across Indonesia. This role will ensure adherence to Indonesian financial and data protection regulations including OJK (Otoritas Jasa Keuangan) cybersecurity regulations Bappebti crypto-asset rules the Personal Data Protection (PDP) Law (Law No. 27 of 2022) and relevant Bank Indonesia guidelines while aligning with Binances global security framework.

The ideal candidate will have deep expertise in cybersecurity governance IT risk management incident response and a proven track record in aligning with Indonesian and international regulatory frameworks. This is a hands-on leadership role requiring both strategic vision and operational execution.

Responsibilities

Strategic Leadership

  • Define and execute the Indonesian cybersecurity and operational resilience strategy aligned with local regulatory requirements and global Binance business objectives.

  • Act as the primary advisor to executive leadership and the board on information security risks and regulatory obligations in Indonesia.

  • Represent Binance in engagements with Indonesian regulators including OJK Bappebti Bank Indonesia and the Ministry of Communication and Information Technology (Kominfo) on cybersecurity data protection and operational resilience matters.

  • Lead the implementation of cybersecurity programs aligned with OJK Regulation on Cyber Security Management (POJK on Cyber Security) Bappebti crypto-asset regulations and PDP Law requirements.

Regulatory Compliance

  • Lead the design and implementation of security frameworks and controls aligned with:

- OJK Cyber Security Management regulations and governance guidelines

- Bappebti regulations on crypto-asset trading and exchange operations

- PDP Law (UU PDP) Indonesias Personal Data Protection Law

- Bank Indonesia payment systems and electronic money regulations (as applicable)

- Kominfo regulations on electronic systems and data protection (PSE framework)

  • Develop and maintain policies procedures and documentation to ensure ongoing compliance with Indonesian regulations and international standards.

  • Ensure timely regulatory reporting breach notifications (including PDP Laws 72-hour notification requirement) and response to regulatory inquiries and audits.

  • Liaise with Indonesian regulatory bodies and ensure proactive engagement on emerging cybersecurity requirements.

Risk & Incident Management

  • Oversee risk assessments security architecture reviews and cyber risk reporting at the regional level.

  • Implement and maintain incident detection and response capabilities in line with Indonesian regulatory requirements ensuring proper reporting timelines and impact assessments.

  • Coordinate response to major cyber incidents affecting Indonesian operations including mandatory breach notifications to OJK/Bappebti/Kominfo as required.

  • Establish and lead the Computer Security Incident Response Team (CSIRT) for Indonesian operations.

Third-Party & Supply Chain Risk

  • Ensure third-party ICT service providers meet contractual and regulatory standards including oversight of cloud service providers and concentration risk assessments.

  • Collaborate with procurement and legal teams to review contracts conduct due diligence and manage exit strategies in compliance with PDP Law data transfer and processor obligations.

  • Manage Third party integrations risk to ensure alignment with security standards and SLAs.

Cybersecurity Operations

  • Guide the security operations function in Indonesia including vulnerability management monitoring and threat intelligence.

  • Partner with global SOC Security Governance and IT teams to align threat detection and response capabilities.

  • Drive cyber threat & vulnerability management/penetration tests as per the regulatory framework.

  • Implement robust resilience best practices to ensure that Binance products remain best in class.

Cybersecurity Governance

  • Lead Security Risk Management with all stakeholders as per the Security Risk Framework.

  • Accountable to the regulatory authority for all Security and IT Governance matters in Indonesia.

  • Maintain and develop security governance practices including regulatory board and committee reporting.

  • Work as part of the three lines of defense model to ensure funds data and systems are secure.

  • Ensure all security obligations for governance regulatory and compliance matters are delivered.

  • Assist the delivery of internal and external audits related to Technology and Security.

  • IT security risk management for new projects and/or any integration with third-party vendors.

  • Manage the local security team and contribute to continual improvement of the global department.

  • Security incident management including prompt reporting to senior management and other teams.

  • Facilitate continual alignment to regulatory compliance obligations and international standards.

Requirements

  • Fluency in English and Bahasa Indonesia; currently based in Jakarta or willing to relocate.

  • Held an approved persons role within a regulated financial institution in Indonesia (preferred).

  • Track record of international company experience and cyber security in a regulatory context.

  • A combination of senior management and deep cyber security experience is mandatory.

  • Security community contributor either through published material or international conferences.

  • Demonstrable experience in a global team with a rich multicultural fast-paced environment.

  • 6 years of experience in finance or a related sector focusing on security and technology compliance in a global firm.

  • In-depth knowledge of Indonesian financial and data protection regulations including OJK cybersecurity regulations Bappebti rules PDP Law (UU PDP) and Kominfo PSE regulations.

  • Demonstrated success in leading cross-functional cybersecurity teams across multiple jurisdictions.

  • Experience managing ICT risk cyber incidents third-party vendors and penetration testing in line with regulatory standards.

  • Deep understanding of Indonesian cybersecurity regulations and operational resilience principles.

  • Bachelors degree or higher in information technology cyber security or related field.

  • Track record in self-motivated leadership and excellent communication and listening skills.

  • Proven management of cyber security operations with hands-on implementation skills.

  • Delivery of best practices for international data privacy and information security frameworks.

  • NIST Cybersecurity & Privacy Framework ISO 27001/ISO 27701 CIS and PCI-DSS.

  • Must seek excellence by default and show a passion for collaboration and team achievement.

  • Demonstrable experience delivering effective business and technical security solutions.

  • A passion for the latest cyber security trends and emerging threats is essential.

  • Mandatory requirement for experience engaging directly with a regulatory body (OJK Bappebti Bank Indonesia or Kominfo) and implementing regulators recommendations.

  • Certifications are a plus: CISSP CISM CEH CIPP CIPM FIM ISO 27701 ISO 27001 Lead Auditor and/or ISC2 ISACA GIAC CREST.

Why Binance
Shape the future with the worlds leading blockchain ecosystem
Collaborate with world-class talent in a user-centric global organization with a flat structure
Tackle unique fast-paced projects with autonomy in an innovative environment
Thrive in a results-driven workplace with opportunities for career growth and continuous learning
Competitive salary and company benefits
Work-from-home arrangement (the arrangement may vary depending on the work nature of the business team)

Binance is committed to being an equal opportunity employer. We believe that having a diverse workforce is fundamental to our success.
By submitting a job application you confirm that you have read and agree to our Candidate Privacy Notice.
We may use artificial intelligence (AI) tools to support parts of the hiring process such as reviewing applications analyzing resumes or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed please contact us.

Required Experience:

Chief

Binance is a leading global blockchain ecosystem behind the worlds largest cryptocurrency exchange by trading volume and registered users. We are trusted by 300 million people in 100 countries for our industry-leading security user fund transparency trading engine speed deep liquidity and an unmatch...

About Company

Company Logo

Binance is a blockchain ecosystem comprised of Exchange, Labs, Launchpad, Info, Academy, Trust Wallet, and Blockchain Charity Foundation (BCF). Binance Exchange is one of the fastest and most popular cryptocurrency exchange platforms in the world, capable of processing over 1.4 millio ... View more

View Profile View Profile