Chief Information Security Officer

About The Position

Requirements

• 8+ years of hands-on, technical security experience, with 4+ years in a role leading teams/programs
• Experience working with global, cross-functional teams
• Experience leading security compliance projects (e.g., SOC 2 audits, cybersecurity risk assessments, regulatory requirements)
• Working knowledge of effective systems architecture and implementations ( Cloud, Hybrid Cloud, DevOps, Open-Source)
• Working knowledge of secure AI use and best-practices
• Knowledge of security standards / frameworks (e.g., NYDFS Part 500, DORA, GDPR, NIST CSF, etc.)
• Practical knowledge of securing remote work environments.
• Experience with tools and practices such as GPG key management and remote identity authentication.
• Hands on Endpoint Security management (Mac OS)
• Knowledge of applicable laws and regulations (e.g., SOX, GLBA, etc.)
• Excellent oral and written communication skills
• Ability to thrive in a fast-paced, collaborative environment
• Strong organizational and time management skills, including demonstrated ability managing teams and establishing goals and priorities
• Able to work remotely and collaborate with colleagues in different time zones
• BS or MS in Computer Science, Computer Security, Computer Engineering, or other technology-related field

Nice To Haves

• Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) Certification
• Experience in the crypto industry or working at a fintech company with payments industry experience a plus
• Experience working at an audit and / or advisory services firm

Responsibilities

• Work closely with Chief Technology Officer, Chief Compliance Officer, Legal Counsel, and other executive leaders to develop and enhance the overall information security program, with a specific focus on engineering and architecture, threat management, identity and access management, vendor management, and regulatory compliance matters.
• Own tactical execution of strategic direction and vision of the information security program
• Analyze business priorities and risk exposure to ensure protection of critical systems and data assets.
• Develop and maintain security metrics and goals
• Draft information security program policies and procedures to ensure compliance with best practices and regulatory requirements
• Manage expectations of our leadership, customers, third-party partners and employees
• Direct and oversee information governance activities, including SOC 2 audits, NYDFS Part 500 requirements, EU/DORA requirements, cybersecurity risk assessments, Penetration Tests, program enhancements, and other industry best-practices and regulatory expectations.
• Lead information security-related committees and working groups
• Manage incident response program, including business continuity/disaster recovery program and security incident preparedness
• Manage Endpoint Security
• Manage third-party risk assessments and other risk related audit deliverables
• Represent the company in discussions with auditors and regulators
• Manage security vendor / supplier relationships
• Manage a team of information technology and security professionals, hire and train new employees, conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members
• Manage expenses and budgets for information security department; build and present credible business cases for security initiatives and investments or other IT related initiatives
• Lead training and awareness efforts across the organization and build a culture of compliance around information security and data privacy
• Continuously monitor trends to anticipate and plan for information security risks
• Provide positive and collaborative leadership to all departments (e.g., sales, engineering, product management, legal, compliance, finance, customer success)
• Other duties may be assigned as needed

Benefits

• Collaborate with a team of intelligent, enthusiastic individuals.
• Thrive in a rapidly expanding crypto company with global reach, where your contributions make a tangible impact.
• Work remotely with a generous vacation policy, including the opportunity to take a sabbatical and select your own holidays.
• Access to continuous learning and development opportunities, supported by professional development reimbursement
• The base salary range for this position is $200,000–$250,000 per year (based on experience, location, and qualifications), plus variable compensation through the MBO incentive program with on-target total compensation up to $345,000. We offer 100% employer-paid medical and dental and a robust benefits package that includes telemedicine, life and disability insurance, vision coverage, 401(k), travel assistance, and more.
• Option to receive payment in cryptocurrency, along with a crypto match program.
• Stock option awards are available to all employees.
• Home office allowance, reimbursement for internet/cell expenses, and complimentary Amazon Prime and Spotify subscriptions.