Reporting to the Global CISO, the Head of Information Security (APAC) drives Alpaca's regional security, risk, and compliance, focusing on APAC regulations (APPI, FSA, MAS).
Collaborating with global teams (Security, Engineering, Legal, Compliance, Product) to align infrastructure, the trading platform, and internal systems with both global standards and local regulatory needs.
Merging security engineering, local compliance, risk management, and stakeholder engagement. Translating regional regulatory requirements into actionable security controls.
Serving as the main contact for regulators, auditors, and local stakeholders, enabling confident operations in highly regulated financial markets.

6+ years of experience in information security, cybersecurity, or GRC, preferably in fintech or financial services
Fluent in Japanese and English (written and verbal)
An excellent understanding of cloud security, application and infrastructure security, and risk management frameworks
Experience with security and compliance frameworks (ISO 27001, SOC 2, etc.)
Direct experience working with or supporting regulatory requirements in Japan (e.g. APPI / FSA) and/or APAC
Proven experience handling audits, regulatory exams, or compliance programs
Ability to work cross-functionally with engineering, product, and compliance teams
Strong communication skills, with the ability to translate technical risks into business impact.

Head of Information Security – APAC

Key skills