Regional Information Security Manager (Fintech)

TL;DR

Regional Information Security Manager (Fintech): Lead the APAC regional technical risk team to govern, monitor, and continuously improve information security and cyber risk exposure in alignment with Cyber Strategy and Group CISO expectations with an accent on banking, capital markets, payments, and hedge fund businesses. Focus on conformity and risk alignment with APEX Gold standard, NIST CSF 2.0, ISO/IEC 27001:2022, ISO 31000:2018, COBIT 2019, PCI DSS v4.0/v4.0.1, and APAC-specific regulatory frameworks.

Location: Melbourne

Company

hirify.global is one of the world’s largest fund administration and middle office solutions providers.

What you will do

• Define and maintain APAC KRIs/KPIs mapped to risk appetite, implementing MQA checks and trend monitoring.
• Lead multi-tower RCSA, calibrating inherent/residual risk and driving remediation.
• Apply TRM governance for Singapore and follow HKMA supervisory cyber approach for Hong Kong.
• Ensure board accountability, control testing, and asset classification for Australia.
• Maintain conformity with PCI DSS v4.0/v4.0.1 timelines globally.
• Orchestrate communication across application/platform owners, SOC, IT Ops, Risk/Compliance, auditors/regulators.

Requirements

• 5–10 years in information security, cyber risk assurance, or GRC within financial services, with proven APAC regulatory delivery (MAS/HKMA/APRA).
• Knowledge of NIST CSF 2.0, ISO/IEC 27001:2022, ISO 31000, COBIT 2019, PCI DSS v4.0.
• Strong stakeholder management and executive presentation skills.

Nice to have

• Certs: CISM / CRISC, ISO 27001 LA, ISO 31000; cloud security (AWS/Azure/GCP).

Culture & Benefits

• Opportunity to be part of an expanding large global business.
• Competitive remuneration commensurate with skills and experience.
• Training and development opportunities.