Akoya External - Head of Risk & Security
Upload My Resume
Drop here or click to browse · Tap to choose · PDF, DOCX, DOC, RTF, TXT
Requirements
• Not all applicants will have skills that match a job description exactly. Akoya values diverse experiences in other industries, and we encourage everyone who meets the required qualifications to apply. While having “desired” qualifications make for a strong candidate, we encourage applicants with alternative experiences to also apply. If your career is just starting or has not followed a traditional path, do not let that stop you from considering Akoya. We are always looking for people who will bring something new to the table! • 12+ years in enterprise risk, cybersecurity, or information security. • 5+ years leading risk/security teams in fintech, SaaS, or regulated environments. • Experience building or scaling security programs in startup or high-growth organizations. • Deep cloud security expertise (AWS required; multi-cloud a plus). • Strong hands-on knowledge of: • Zero-trust architecture • Threat modeling • Vulnerability management • Incident response • Demonstrated ownership of SOC 2 and regulatory audits. • Experience working with both: • Regulated financial institutions (bank-side risk expectations) • Fintechs or API-based SaaS platforms (data recipient expectations) • Experience in open banking / open finance ecosystems. • Familiarity with FDX standards and OAuth/OIDC-based authentication models. • Certifications such as CISSP, CISM, CRISC, or equivalent. • Experience briefing executives or board-level stakeholders. • Akoya is an equal-opportunity employer. • This remote position is only available to individuals living in the greater Boston, MA, New York City, NY and Raleigh, NC areas. Candidates who do not live within these areas will not be considered for this role. • The actual base pay offered may take into account the candidate's work location, relevant education, job-related knowledge, skills, and experience, among other factors. • $160,000 - $200,000 USD
Responsibilities
• Risk Management • Risk Management • Mature and execute Akoya’s enterprise risk management (ERM) framework. • Develop and track key risk indicators (KRIs) aligned with business OKRs. • Lead third-party risk management across fintech partners, vendors, and service providers. • Conduct product risk assessments across new open finance capabilities. • Support regulatory readiness related to CFPB Section 1033 and evolving open banking requirements. • Security & Cyber Operations Leadership • Lead day-to-day execution of Akoya’s cybersecurity program across product, infrastructure, and corporate environments. • Operationalize secure-by-design principles across SDLC in partnership with Engineering. • Oversee vulnerability management, penetration testing, red teaming, and incident response. • Drive continuous improvement of zero-trust cloud architectures (AWS-centric). • Enhance monitoring, automation, and threat intelligence capabilities. • Compliance & Regulatory Alignment • Own operational execution of SOC 2 Type II and other certifications. • Ensure alignment with NIST, ISO 27001/27002, GLBA, SOX, PCI (as applicable). • Partner closely with Legal and Product on regulatory interpretation and implementation. • Respond to due diligence inquiries from financial institutions, fintechs, investors, and regulators. • IT Governance & Internal Controls • Oversee corporate IT governance in partnership with the IT Systems Administrator (end-user security, device management, identity, remote access). • Ensure strong IAM, endpoint protection, DLP, encryption, and secure collaboration tooling. • Align IT and Security controls with remote-first operating model. • Team Leadership & Organizational Development • Lead and mentor security engineers, risk analysts, and IT personnel. • Build scalable team structure aligned with growth in API volume and institutional adoption. • Foster a strong security culture where accountability and transparency are embedded across functions. • Act as a senior advisor to ELT. • Ecosystem Trust & External Engagement • Interface directly with security and risk leaders at major financial institutions and fintech clients. • Support sales and customer conversations requiring deep technical credibility. • Represent Akoya in industry forums and working groups (e.g., FDX-aligned initiatives).
No credit card. Takes 10 seconds.