← Back to jobs
Akoya
Akoya

Head of Risk & Security

otherfull-timeRemote in Boston, New York, Raleigh Areas
SALARY
Not listed
WORK TYPE
remote
JOB TYPE
full-time
INDUSTRY
fintech
Apply for this position
✦ AutoApply Let us apply to roles like this on your behalf.
Learn more

About the role

The Role

Akoya is seeking a seasoned, hands-on Head of Risk & Security to lead and mature our cybersecurity, risk management, and IT governance functions as we scale our secure, API-driven open finance network.

This leader will serve as the operational backbone of Akoya’s security and risk programs — translating strategy into execution. You will lead and develop a team across security engineering, cyber operations, risk, compliance, and IT, while partnering closely with Engineering, Product, Legal, Customer Success, and Business Development.

This role is ideal for a builder — someone who has scaled capabilities in security and risk functions in startup or fintech environments and understands the unique demands of serving both:

  • Financial Institutions (Data Providers) with rigorous regulatory and third-party risk requirements
  • Fintechs and Data Recipients operating in agile, API-first ecosystems

You will play a critical role in protecting Akoya’s Data Access Network and Open Finance Solution while strengthening trust across our ecosystem of financial institutions and fintech partners.

Key Responsibilities

Risk Management

  • Mature and execute Akoya’s enterprise risk management (ERM) framework.
  • Develop and track key risk indicators (KRIs) aligned with business OKRs.
  • Lead third-party risk management across fintech partners, vendors, and service providers.
  • Conduct product risk assessments across new open finance capabilities.
  • Support regulatory readiness related to CFPB Section 1033 and evolving open banking requirements.

Security & Cyber Operations Leadership

  • Lead day-to-day execution of Akoya’s cybersecurity program across product, infrastructure, and corporate environments.
  • Operationalize secure-by-design principles across SDLC in partnership with Engineering.
  • Oversee vulnerability management, penetration testing, red teaming, and incident response.
  • Drive continuous improvement of zero-trust cloud architectures (AWS-centric).
  • Enhance monitoring, automation, and threat intelligence capabilities.

Compliance & Regulatory Alignment

  • Own operational execution of SOC 2 Type II and other certifications.
  • Ensure alignment with NIST, ISO 27001/27002, GLBA, SOX, PCI (as applicable).
  • Partner closely with Legal and Product on regulatory interpretation and implementation.
  • Respond to due diligence inquiries from financial institutions, fintechs, investors, and regulators.
✦ Let us apply for you
We find roles like this and apply on your behalf. Cover letter written for each one. Plans from $14.99/mo. Cancel anytime.
Join waitlist
Apply now
Head of Risk & Security at Akoya — Remote