Binance is hiring a
Web3 Chief Information Security Officer – Indonesia

Location: Indonesia, Jakarta

Chief Information Security Officer – Indonesia

Indonesia, Jakarta
Security & IT Helpdesk – Security /
Full-time: Remote /
Remote

apply for this job
Binance is a leading global blockchain ecosystem behind the world’s largest cryptocurrency exchange by trading volume and registered users. We are trusted by 300+ million people in 100+ countries for our industry-leading security, user fund transparency, trading engine speed, deep liquidity, and an unmatched portfolio of digital-asset products. Binance offerings range from trading and finance to education, research, payments, institutional services, Web3 features, and more. We leverage the power of digital assets and blockchain to build an inclusive financial ecosystem to advance the freedom of money and improve financial access for people around the world.

We are seeking an experienced and strategic Chief Information Security Officer (CISO) to lead our cybersecurity, operational resilience, and regulatory compliance initiatives across Indonesia. This role will ensure adherence to Indonesian financial and data protection regulations — including OJK (Otoritas Jasa Keuangan) cybersecurity regulations, Bappebti crypto-asset rules, the Personal Data Protection (PDP) Law (Law No. 27 of 2022), and relevant Bank Indonesia guidelines — while aligning with Binance's global security framework.

The ideal candidate will have deep expertise in cybersecurity governance, IT risk management, incident response, and a proven track record in aligning with Indonesian and international regulatory frameworks. This is a hands-on leadership role requiring both strategic vision and operational execution.

Responsibilities

Strategic Leadership

  • Define and execute the Indonesian cybersecurity and operational resilience strategy aligned with local regulatory requirements and global Binance business objectives.

  • Act as the primary advisor to executive leadership and the board on information security risks and regulatory obligations in Indonesia.

  • Represent Binance in engagements with Indonesian regulators — including OJK, Bappebti, Bank Indonesia, and the Ministry of Communication and Information Technology (Kominfo) — on cybersecurity, data protection, and operational resilience matters.

  • Lead the implementation of cybersecurity programs aligned with OJK Regulation on Cyber Security Management (POJK on Cyber Security), Bappebti crypto-asset regulations, and PDP Law requirements.

Regulatory Compliance

  • Lead the design and implementation of security frameworks and controls aligned with:

  - OJK Cyber Security Management regulations and governance guidelines

  - Bappebti regulations on crypto-asset trading and exchange operations

  - PDP Law (UU PDP) — Indonesia's Personal Data Protection Law

  - Bank Indonesia payment systems and electronic money regulations (as applicable)

  - Kominfo regulations on electronic systems and data protection (PSE framework)

  • Develop and maintain policies, procedures, and documentation to ensure ongoing compliance with Indonesian regulations and international standards.

  • Ensure timely regulatory reporting, breach notifications (including PDP Law's 72-hour notification requirement), and response to regulatory inquiries and audits.

  • Liaise with Indonesian regulatory bodies and ensure proactive engagement on emerging cybersecurity requirements.

Risk & Incident Management

  • Oversee risk assessments, security architecture reviews, and cyber risk reporting at the regional level.

  • Implement and maintain incident detection and response capabilities in line with Indonesian regulatory requirements, ensuring proper reporting timelines and impact assessments.

  • Coordinate response to major cyber incidents affecting Indonesian operations, including mandatory breach notifications to OJK/Bappebti/Kominfo as required.

  • Establish and lead the Computer Security Incident Response Team (CSIRT) for Indonesian operations.

Third-Party & Supply Chain Risk

  • Ensure third-party ICT service providers meet contractual and regulatory standards, including oversight of cloud service providers and concentration risk assessments.

  • Collaborate with procurement and legal teams to review contracts, conduct due diligence, and manage exit strategies in compliance with PDP Law data transfer and processor obligations.

  • Manage Third party integrations risk to ensure alignment with security standards and SLAs.

Cybersecurity Operations

  • Guide the security operations function in Indonesia, including vulnerability management, monitoring, and threat intelligence.

  • Partner with global SOC, Security Governance, and IT teams to align threat detection and response capabilities.

  • Drive cyber threat & vulnerability management/penetration tests as per the regulatory framework.

  • Implement robust resilience best practices to ensure that Binance products remain best in class.

Cybersecurity Governance

  • Lead Security Risk Management with all stakeholders as per the Security Risk Framework.

  • Accountable to the regulatory authority for all Security and IT Governance matters in Indonesia.

  • Maintain and develop security governance practices including regulatory, board and committee reporting.

  • Work as part of the three lines of defense model to ensure funds, data and systems are secure.

  • Ensure all security obligations for governance, regulatory and compliance matters are delivered.

  • Assist the delivery of internal and external audits related to Technology and Security.

  • IT security risk management for new projects and/or any integration with third-party vendors.

  • Manage the local security team and contribute to continual improvement of the global department.

  • Security incident management, including prompt reporting to senior management and other teams.

  • Facilitate continual alignment to regulatory compliance obligations and international standards.

Requirements

  • Fluency in English and Bahasa Indonesia; currently based in Jakarta or willing to relocate.

  • Held an approved person's role within a regulated financial institution in Indonesia (preferred).

  • Track record of international company experience and cyber security in a regulatory context.

  • A combination of senior management and deep cyber security experience is mandatory.

  • Security community contributor either through published material or international conferences.

  • Demonstrable experience in a global team with a rich multicultural fast-paced environment.

  • 6+ years of experience in finance or a related sector, focusing on security and technology compliance in a global firm.

  • In-depth knowledge of Indonesian financial and data protection regulations, including OJK cybersecurity regulations, Bappebti rules, PDP Law (UU PDP), and Kominfo PSE regulations.

  • Demonstrated success in leading cross-functional cybersecurity teams across multiple jurisdictions.

  • Experience managing ICT risk, cyber incidents, third-party vendors, and penetration testing in line with regulatory standards.

  • Deep understanding of Indonesian cybersecurity regulations and operational resilience principles.

  • Bachelor's degree or higher in information technology, cyber security, or related field.

  • Track record in self-motivated leadership and excellent communication and listening skills.

  • Proven management of cyber security operations with hands-on implementation skills.

  • Delivery of best practices for international data privacy and information security frameworks.

  • NIST Cybersecurity & Privacy Framework, ISO 27001/ISO 27701, CIS and PCI-DSS.

  • Must seek excellence by default and show a passion for collaboration and team achievement.

  • Demonstrable experience delivering effective business and technical security solutions.

  • A passion for the latest cyber security trends and emerging threats is essential.

  • Mandatory requirement for experience engaging directly with a regulatory body (OJK, Bappebti, Bank Indonesia, or Kominfo) and implementing regulator's recommendations.

  • Certifications are a plus: CISSP, CISM, CEH, CIPP, CIPM, FIM, ISO 27701, ISO 27001 Lead Auditor, and/or ISC2, ISACA, GIAC, CREST.

Why Binance
• Shape the future with the world’s leading blockchain ecosystem
• Collaborate with world-class talent in a user-centric global organization with a flat structure
• Tackle unique, fast-paced projects with autonomy in an innovative environment
• Thrive in a results-driven workplace with opportunities for career growth and continuous learning
• Competitive salary and company benefits
• Work-from-home arrangement (the arrangement may vary depending on the work nature of the business team)

Binance is committed to being an equal opportunity employer. We believe that having a diverse workforce is fundamental to our success.
By submitting a job application, you confirm that you have read and agree to our Candidate Privacy Notice.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
apply for this job

Apply Now:

Location: Indonesia, Jakarta


Receive similar jobs:

Web3 Security Expert Jobs

Job Position and Company Location Tags Posted Apply
Denver, CO, United States
Remote

Remote

Remote

Remote

Remote

Remote

Remote

Remote

Remote

Recommended Web3 Security Experts for this job

/@pokolenie333

Pokolenie333



See Profile
/@fleischhacker

Fleischhacker



See Profile
/@r00tkit

R00tkit



See Profile
/@dmytro

Dmytro



See Profile
/@syekhrp

Syekhrp



See Profile
Cover Letter / AI Interview