Security Lead

A leading global organisation in Taiwan is seeking a Security Lead to champion product compliance, security, and cybersecurity across its operations. This pivotal role offers you the opportunity to shape and implement world-class compliance programmes, including GDPR, SOC 2, CSA Star Level 1, and US-specific frameworks such as PII and FTC COPPA.

What you'll do:

As Security Lead based in Taiwan, you will play an instrumental role in driving the organisation’s compliance strategy forward. Your day-to-day activities will involve working alongside skilled professionals from various departments to deliver robust security solutions that safeguard products throughout their lifecycle. You will be responsible for supporting the implementation of global regulatory frameworks while facilitating operational excellence through tool integration. By fostering collaboration among teams and acting as a bridge between technical experts and business leaders, you will help maintain high standards of data privacy and protection. Success in this position requires you to be proactive in identifying risks, developing mitigation plans, preparing for audits or certifications, and ensuring that all projects are completed efficiently. Your ability to communicate effectively with stakeholders at every level will be crucial in aligning business objectives with security priorities.

• Assist in managing a high-performing team dedicated to compliance, product security, and cybersecurity initiatives by providing guidance and support throughout project lifecycles.
• Collaborate with team leads to ensure timely delivery of complex compliance and security projects while maintaining alignment with business objectives.
• Support product compliance efforts by adhering to global standards such as GDPR, NIST CSF, SOC 2, CSA Star Level 1, and US-specific PII regulations including FTC COPPA.
• Maintain compliance with data privacy and protection frameworks by preparing documentation and processes for regulatory audits and certifications.
• Contribute to cybersecurity initiatives by supporting Security Severity Modeling, Incident Response policies, risk management strategies, and critical programme execution such as Zero Touch Production.
• Assist in the implementation of DRATA solutions and conduct AWS permission reviews to enhance cloud security across the organisation.
• Work collaboratively with teams to identify risks throughout the product lifecycle and develop effective mitigation strategies that protect sensitive information.
• Support the adoption and integration of tools like JIRA, Confluence, and Drata to optimise compliance workflows and improve reporting accuracy.
• Track operational metrics related to compliance and security goals while providing regular updates on project progress to senior leadership.
• Act as a liaison between compliance, product development, legal teams, and senior stakeholders to ensure seamless communication regarding key initiatives.

What you bring:

To excel as Security Lead you will bring extensive experience from software engineering or compliance-focused environments where you have successfully managed multi-disciplinary teams. Your background should include hands-on involvement with international regulatory standards governing data privacy—such as GDPR—and practical application of these frameworks within complex organisations. You will possess strong technical acumen relating to secure software development practices along with familiarity using modern cybersecurity tools. Your interpersonal abilities will enable you to build trust among colleagues while influencing positive outcomes during cross-departmental collaborations. Additionally your approachability combined with excellent communication skills ensures that you can translate technical requirements into actionable business strategies. A history of setting clear objectives for your team using measurable results demonstrates your commitment to transparency; meanwhile your capacity for conflict resolution supports harmonious working relationships throughout the company.

• Bachelor’s degree in Computer Science, Cybersecurity or a related field is required for this position.
• At least six years of experience in software engineering, security or compliance roles is essential for success.
• Minimum three years’ experience leading teams of five or more members with proven people management skills is necessary.
• Demonstrated expertise in product compliance with global regulatory standards such as PII, GDPR, SOC 2, CSA Star Level 1 as well as US-specific frameworks like FTC COPPA is highly valued.
• Comprehensive knowledge of secure software development lifecycles (SDLC), DevSecOps methodologies and cloud security platforms including AWS, Azure or GCP is expected.
• Familiarity with cybersecurity tools such as SAST/DAST scanners for code analysis, SIEM systems for monitoring threats and WAFs for web application protection is important.
• Ability to manage cross-functional teams by inspiring collaboration towards shared strategic goals is required.
• Experience resolving conflicts within teams while fostering cohesion across departments is beneficial.
• Skilled at delegating tasks effectively whilst maintaining accountability for overall project outcomes is needed.
• Excellent interpersonal communication skills focused on building relationships with stakeholders at all levels are essential for this role.
• Setting clear objectives using measurable key results (OKRs) to guide team efforts is advantageous.