Chief Information Security Officer (CISO)

About The Position

Requirements

• 12+ years of progressive cybersecurity leadership experience, including CISO or equivalent senior leadership responsibilities.
• Proven track record in fintech, financial services, and/or highly regulated environments.
• Technical expertise in cloud security architecture, DevSecOps, IAM, and modern attack vectors.
• Extensive experience with compliance and risk management frameworks (PCI DSS 4.0, SOC 2, NIST CSF, ISO 27001, GLBA).
• Demonstrated experience securing AI/ML systems or emerging technologies, including understanding AI-driven cyber risks.
• Experience building a defensible security posture that withstands external institutional audits and future investment events.
• Strong executive presence and communication skills, with extensive experience presenting to Boards of Directors and executive teams.
• Strategic thinker with strong operational execution capabilities and the ability to manage cyber crisis events and incident response.

Nice To Haves

• Proven experience with regulated corporate governance functions.
• Familiarity with M&A security integration and scaling.
• Experience governing enterprise AI programs and familiarity with frameworks like the NIST AI Risk Management Framework (AI RMF) and ISO/IEC 42001.
• Certifications such as CISSP, CISM, or CRISC.

Responsibilities

• Define and execute a multi-year, enterprise-wide cybersecurity strategy aligned with business objectives and future growth.
• Serve as a trusted primary security advisor to executive leadership, the Board of Directors, regulators, and external partners.
• Translate cyber risk into business impact and build a modern, metrics-driven, risk-based security organization focused on enablement, automation, and measurable risk reduction.
• Know when a regulated corporate governance function becomes the mainstay of the organization.
• Knowledge and Oversight of SEC expectations and Sarbanes-Oxley Act (SOX) ITGCs processes.
• Direct enterprise security governance aligned to critical fintech regulatory obligations, including PCI DSS 4.0, SOC 1/SOC 2, GLBA, FFIEC guidance, and state privacy regulations.
• Develop and maintain board-level reporting and risk disclosures, while partnering with Legal, Finance, and Audit on cyber risk governance.
• Oversee enterprise risk management, third-party vendor security, and continuous audit readiness across frameworks such as NIST and ISO 27001.
• Oversee the Security Operations Center (SOC), incident response, threat detection, digital forensics, and vulnerability management.
• Drive robust cloud security posture and strategy across AWS, Azure, and/or GCP environments.
• Partner with Engineering and Product to embed secure-by-design and DevSecOps principles across the software development lifecycle (SDLC).
• Lead enterprise identity and access management (IAM) strategy, Zero Trust architecture, and data protection programs to safeguard customer financial data.
• Be the Trust Center customers need to know their data is secure.
• Serve as the executive sponsor for the secure, responsible, and business-aligned adoption of AI and machine learning technologies.
• Establish enterprise, controls, and guardrails to assess and manage AI risks, including data leakage, prompt injection, intellectual property protection, and model bias.
• Partner with engineering to enable secure AI innovation that enhances operational efficiency, fraud detection, and customer experience.
• Drive modernization leveraging AI-driven security operations, automation, and predictive threat detection.
• Guide the organization on its journey of AI advancements with a security mindset.
• Build, mentor, and retain high-performing cybersecurity teams, fostering a culture of accountability and continuous improvement.
• Drive a shift from reactive compliance mindset to a proactive risk-management framework that enables business velocity and product innovation.
• Champion a security-first culture across engineering and business teams, balancing security rigor with business velocity.
• Act as the executive security lead during customer due diligence, strategic partnerships, and regulator interactions.

Benefits

• 401 (k) with employer match
• Medical, dental, and vision with HSA and FSA options
• Competitive vacation and sick time off, as well as dedicated volunteer days
• Access to wellness support through Employee Assistance Program, physical and mental health wellness programs
• Pet care discounts for your furry family members
• Financial support in times of hardship with our Achieve Care Fund
• A safe place to connect and a commitment to diversity and inclusion through our six employee resource groups