Key Responsibilities And Focus Areas
Security Compliance & Governance
- Develop, update, and maintain organizational cybersecurity policies, standards, and procedures, ensuring alignment with regulatory requirements (including Taiwan's Information and Communications Security Management Act) and industry best practices (e.g., ISO 27001, NIST, CIS Controls).
- Lead internal security audits and regulatory assessments; prepare documentation, coordinate audit activities, and drive timely remediation of findings across teams.
- Assist in third-party and supplier security audits, managing due diligence and compliance requirements.
Product Security & Architecture Review
- Collaborate with Engineering and Product teams to embed security requirements throughout the Software Development Life Cycle (SDLC), utilizing a security-by-design approach.
- Conduct security architecture reviews, threat modeling, and risk assessments for new products, features, and infrastructure changes, particularly within financial services, fintech, and digital asset/blockchain platforms.
- Provide technical guidance on secure configuration management, vulnerability management, and access control mechanisms.
Incident Response & Monitoring
- Establish, maintain, and continuously enhance the information security incident response framework and playbooks.
- Act as a lead responder for security incidents, coordinating investigation, technical analysis (forensics), and effective remediation efforts.
- Proactively manage and respond to security monitoring alerts (SIEM, EDR), performing root cause analysis and implementing technical preventive measures to prevent recurrence.
Desired Candidate Profile
- 35 years of experience in Information Security / cybersecurity, preferably in financial services, fintech, digital asset/blockchain, or related industries.
- Strong understanding of security regulations, compliance requirements, and industry best practices.
- Familiarity with major frameworks and standards such as ISO 27001, NIST, CIS Controls, etc.
- Understanding of Taiwan's information security regulatory landscape
- Fluent in Communication - Both English & Mandarin
About Liminal
Liminal is a compliant and insured digital asset custody and wallet infrastructure provider. Launched in April 2021, Liminal Custody is a CCSS Level 3, SOC Type 2, and ISO 27001 & 27701 certified organization. Based in Singapore, Liminal has operations spread across APAC, MENA, and Europe, along with offices in Singapore,Taiwan , India, and UAE. The company has received an initial approval from VARA. Liminal takes pride in supporting businesses with its qualified and insured custody (self and institutional) that enables stress-free safekeeping of digital assets for institutions. It also provides a cutting-edge wallet infrastructure platform that is secure, compliant, and automated and comes with a plug-and-play architecture for faster onboarding of developers, business partners, and government agencies.
Our website - https://www.liminalcustody.com/
