Head of Security
At Aplo, you won’t just do a job - you’ll own outcomes, grow every day, and work with a team that wins together. Aplo is the only EU-registered crypto prime broker for institutional investors offering transparent, conflict-free, self-service execution with fast asset listing across hundreds of coins. In October 2025, Aplo was acquired by Coincheck N.V. (Nasdaq CNCK), a publicly listed company. We combine the agility of a startup with the rigor of a regulated financial institution, giving institutional clients access to crypto markets with the reliability of traditional finance.
About the Role
We are looking for a Head of Security who combines solid technical understanding with structured governance capabilities.
This is a hands‑on role, reporting directly to the CEO and working closely with the CTO. There is no people management responsibility.
Your mission is to build and operate a pragmatic, evidence‑driven security program that protects our platform, customer data, and digital assets — while ensuring audit and regulatory readiness.
This role is designed as a stepping stone toward a future CISO position, depending on performance, impact, and company growth. As the security function matures and the organization scales, the scope of the role may expand toward broader security leadership responsibilities.
Responsibilities
- Build and execute a 12–18 month security roadmap aligned with business priorities
- Maintain and operate a clear and actionable risk register
- Prepare and support audits (evidence collection, remediation tracking, retesting — PASSI approach when applicable)
- Act as the main point of contact for security topics with auditors and internal stakeholders
- Coordinate external security vendors (SOC/MDR, pentesting, vulnerability scanning) and ensure quality delivery
- Own incident response processes (playbooks, coordination, post‑mortems)
- Work closely with the CTO to secure key domains:
  - Access management
  - Secrets management
  - API and integration security
  - Crypto key controls
- Contribute to DORA readiness (operational resilience, incident preparedness, third‑party oversight, recovery testing)
Required Profile
- 5–8 years of experience in cybersecurity
- Experience in a regulated environment (finance / fintech / crypto preferred)
- Comfortable working across both:
  - Technical security topics
  - Governance, risk, and audit requirements
- Structured, pragmatic, and execution‑oriented
- Able to translate risk into clear decisions for leadership
Exposure to DORA or operational resilience programs is a plus.
Pay Range and Compensation Package
- Base salary range: €100–150k (gross per year)
- Coincheck Group Incentive Plan
- 100% health insurance coverage
- Full public transport reimbursement (Pass Navigo)
- Monthly Sports subscription reimbursement (€45)
- Annual Culture Allowance (€200)
- Annual training budget (€1000)
We are committed to fostering a diverse, inclusive workplace where everyone feels valued and empowered.
Recruitment Process
- HR screening 1h - Motivation, fit, prerequisites.
- CIO interview 1h - Risk, audits/regulators, DORA and resilience evidence.
- Reference calls - Validate delivery, collaboration, and integrity.