Chief Information Security Officer (CISO)

Ceres Life Insurance, New York, NY
About The Position

Westaim and CC Capital have joined forces to strategically transform Westaim from a holding company into a global alternative credit asset manager with a unique, integrated insurance platform, branded as The Westaim Corporation. This partnership supports a long-term vision to deliver innovative, customized financial solutions across alternative credit and insurance, creating scalable growth and meaningful client impact.

Ceres USA Holdings, LLC, part of the insurance platform within The Westaim Corporation strategy, is the parent company of Ceres Life Insurance, a fast-growing, technology-driven annuity carrier startup. Ceres is focused on redefining retirement security by combining modern fintech capabilities, top-tier talent, and strong vendor partnerships to deliver exceptional annuity solutions and digital experiences. Ceres is deeply committed to a client-centered culture. Through its Digital Contact Center and advisor-facing platforms, the company delivers proactive, personalized, and technology-enabled support that empowers clients and advisors while maintaining the highest standards of trust, security, and regulatory compliance.

The Chief Information Security Officer (CISO) is a senior executive responsible for establishing, leading, and continuously evolving Ceres’ enterprise-wide information security and cyber risk program. As a key member of leadership, the CISO ensures that security enables innovation, protects employees, clients, and advisors, and supports the rapid growth of a fintech-enabled insurance startup operating in a highly regulated financial services environment. This role requires hands-on experience building security programs in startup or high-growth fintech organizations, balancing speed-to-market with strong risk management, regulatory compliance, and resilience.

The CISO partners closely with Technology, Product, Risk, Compliance, Legal, and executive leadership to embed security-by-design across digital platforms, cloud infrastructure, data, and third-party ecosystems.

Requirements

  • Bachelor’s degree in Computer Science, Information Security, or a related field.
  • 10+ years of progressive information security or cyber security experience, with 7+ years in senior leadership roles.
  • Prior experience as a CISO, Deputy CISO, or Head of Security in a fintech, financial services, or high-growth startup environment.
  • Proven ability to engage with C-suite executives and Boards, translating technical risk into business-focused insights.
  • Demonstrated experience designing and executing incident response, disaster recovery, and business continuity programs.
  • Strong expertise in cyber risk management, security operations, managed security service providers, and cloud security.
  • Experience building metrics, dashboards, and reporting for executive and Board-level decision-making.
  • Deep understanding of privacy, security, and financial services regulatory requirements.
  • Exceptional leadership, communication, and collaboration skills with strong business judgment.
  • Knowledge of and experience with privacy and security law issues.
  • Strong collaboration, problem-solving, and analytical skills, paired with sound business judgment and commercial awareness.
  • Knowledge of and hands-on experience with relevant frameworks and regulation.
  • Partner with Procurement and Legal to ensure contracts meet Ceres’ security, resiliency, and regulatory requirements.

Nice To Haves

  • Experience scaling security programs in early-stage or rapidly growing fintech organizations.
  • Leadership experience in Identity & Access Management (IAM), Governance, Risk & Compliance (GRC), or product security.
  • Professional certifications such as CISSP, CISM, or equivalent.

Responsibilities

  • Define and own Ceres’ information security and cyber risk strategy, aligned with business objectives, digital transformation initiatives, and approved risk appetite.
  • Serve as the executive authority and trusted advisor on information security, cyber risk, and technology resilience to the CEO, Executive Leadership Team, and Board.
  • Build, lead, and scale a modern security organization appropriate for a fintech startup, leveraging internal talent and strategic managed service providers.
  • Enable secure innovation by balancing robust security controls with agility, automation, and rapid product development.
  • Establish and maintain security governance, policies, standards, and procedures aligned with financial services and insurance regulatory requirements.
  • Oversee compliance with applicable laws, regulations, and frameworks relevant to fintech and insurance operations (e.g., SOC 2, GLBA, NYDFS 500, PCI DSS, privacy regulations).
  • Lead enterprise cyber risk assessments, threat modeling, and control maturity evaluations.
  • Provide clear, actionable cyber risk reporting to executive leadership and the Board.
  • Oversee security operations including monitoring, vulnerability management, penetration testing, and remediation programs.
  • Lead preparation for and response to cyber security incidents, coordinating with Technology, Legal, Risk, Compliance, and Communications teams.
  • Ensure incident response, disaster recovery, and business continuity plans are established, tested, and continuously improved to meet regulatory and business expectations.
  • Partner with Technology and Product leadership to embed security-by-design into cloud platforms, applications, APIs, data pipelines, and fintech integrations.
  • Review and approve security architecture for new platforms, digital products, and material system changes.
  • Ensure strong identity and access management, encryption, data protection, and privacy controls across advisor- and client-facing solutions.
  • Define and lead third-party security and technology risk management programs, particularly for cloud providers, fintech platforms, and outsourced service partners.
  • Assess, onboard, and continuously monitor vendors critical to annuity administration, payments, data, and digital distribution.
  • Partner with Procurement and Legal to ensure contracts reflect appropriate security, resiliency, and regulatory requirements.
  • Foster a strong security-aware culture aligned with Ceres’ mission, values, and client trust.
  • Lead company-wide security awareness and training initiatives tailored to a fintech startup environment.
  • Monitor emerging cyber threats, fintech trends, and regulatory developments to continuously enhance the security posture.

Benefits

  • Competitive compensation package with PTO, health benefits, and career growth opportunities.