Role Overview:

The Senior Security Analyst (APAC) will be responsible for enhancing the organization's cloud, data, and AI security posture across the Asia-Pacific region. This position will serve as a bridge between global security initiatives and regional operation, ensuring alignment, compliance, and effective execution of cybersecurity strategies across multiple markets with varying regulatory requirements.

This role is ideal for a seasoned cybersecurity professional with a strong background in cloud security, AI security, and data governance, coupled with hands-on experience in leading security technologies such as Cyera, HiddenLayer, Zscaler, Microsoft Purview, and Wiz.

Key Responsibilities:

Cloud Security Leadership

• Serve as the regional cloud security subject matter expert for APAC.
• Collaborate with global and regional teams to standardize cloud security posture between North America and Asia.
• Provide guidance and technical oversight on cloud security misconfigurations, vulnerability remediation, and secure architecture design for regional projects.
• Partner with internal IT and cloud engineering teams to implement best practices across AWS, Azure, Alibaba and GCP environments.

AI Security Enablement

• Support Asia-based teams in embedding security controls into internally developed AI and ML applications.
• Partner with AI engineering and product teams to ensure that model training, deployment, and monitoring adhere to secure-by-design principles.
• Work closely with the HiddenLayer platform to detect, assess, and mitigate risks in AI models and data pipelines.

Data Security & Governance

• Drive regional implementation of data governance and protection programs, ensuring alignment with global frameworks.
• Support Asia partners in data classification, data lifecycle management, and data access control initiatives.
• Collaborate with the Asia Legal team to identify and close data governance risks and compliance gaps.
• Act as the security liaison for major data protection and privacy projects within the region.

eDiscovery

• Ensure integration of eDiscovery tools with data governance and security controls across cloud and on-prem environments.
• Provide technical guidance on data preservation, collection, and analysis in support of legal investigations and discovery requests.
• Partner closely with the Legal and Compliance teams to align eDiscovery processes with regulatory and litigation requirements.
• Manage and support eDiscovery platforms and workflows, ensuring secure and compliant handling of electronically stored information (ESI).
• Risk Management & Compliance
• Provide input into security risk assessments, audits, and compliance reviews across APAC business units.
• Monitor, assess, and report on regional security posture, aligning with global KPIs and metrics.
• Support incident response, threat hunting, and security investigations as needed within the region.

Required Skills & Experience:

• Deep technical expertise in cloud security and hands-on experience with:

- Wiz

- Zscaler

- Microsoft Purview

- Cyera

- HiddenLayer

• Strong understanding of regional regulatory requirements (e.g., PDPA, GDPR-Asia variants, local cloud sovereignty laws).
• Experience in security frameworks such as NIST, ISO 27001, CSA CCM, and CIS Benchmarks.
• Familiarity with DevSecOps practices, CI/CD pipelines, and integrating security into agile development processes.
• Excellent communication and stakeholder management skills across diverse cultural and business environments.

Preferred Qualifications:

• Bachelor's or Master's degree in Information Security, Computer Science, or a related field.
• Professional certifications such as CISSP, CCSP, CISM, or GIAC.
• Prior experience working in a multinational organization with complex regional operations.
• Proven ability to operate independently while aligning to global strategy.

Why Join Us:

• This is a pivotal opportunity to shape the cybersecurity landscape for the APAC region in a globally integrated security organization. You'll have the autonomy to drive initiatives that directly impact business resilience, innovation, and data protection across multiple markets