Head of Information Security

SmarketsChicago, IL
$130,000 - $200,000Hybrid

About The Position

This is a senior security leadership role sitting within Smarkets' CFTC-regulated business unit, responsible for the information security, cybersecurity, and operational resilience of its Designated Contract Market (DCM). The role involves designing and enforcing policies and controls to protect critical systems and data, aligning with Core Principle 20 (System Safeguards) under 17 CFR § 38.1050 et seq. This is a founding build role, where the individual will establish the security program through to go-live, and then operate and mature it as the business scales. Key responsibilities include identifying and mitigating cyber and physical threats, coordinating incident response, and ensuring operational resilience under stress. The role requires close collaboration with engineering, risk, and compliance teams, including UK-based teams, to embed security throughout the software development life cycle and infrastructure. The Head of Information Security will report directly to the CEO and senior management, with support from the Smarkets UK team.

Requirements

  • Senior security leader with 7+ years of senior-level information security experience, ideally within financial services, exchange infrastructure, or critical regulated systems.
  • Demonstrated leadership in implementing cybersecurity, compliance, and resilience programmes in high-risk environments.
  • Deep familiarity with CFTC expectations around system safeguards, including Core Principle 20 and 17 CFR § 38.1050 et seq.
  • Direct experience with security and risk assessments, incident response planning and execution, cybersecurity compliance audits (internal or regulatory), and disaster recovery and business continuity programmes.
  • Experience managing or working with geographically distributed engineering and infrastructure teams.
  • Strong understanding of security frameworks and secure software development practices.
  • Excellent communication and reporting skills, including for executive and regulatory audiences.

Nice To Haves

  • Personal interest in sports, exchanges, or trading
  • Experience securing exchange, clearing, or trading infrastructure.
  • Relevant certifications such as CISSP, CISM, or equivalent.
  • Familiarity with event contracts, prediction markets, or similar novel futures products and their treatment under the CFTC framework.
  • Experience engaging directly with regulators or examiners on technology and system safeguards.

Responsibilities

  • Define and implement the DCM's information security vision, strategy, and programme, consistent with CFTC Core Principle 20 and industry-aligned best practice.
  • Lead risk identification, vulnerability management, and cyber threat mitigation across all DCM technology assets.
  • Ensure the design and enforcement of security controls across infrastructure, software development, vendor relationships, and end-user operations.
  • Own the incident response framework, including procedures for detection, containment, reporting, recovery, and root cause analysis.
  • Direct the business continuity and disaster recovery programmes, ensuring systems and teams can operate during disruption.
  • Prepare and maintain system safeguards documentation, audit logs, penetration tests, and other evidence for CFTC oversight and examinations.
  • Serve as the executive lead for cybersecurity audits, control testing, and CFTC technology compliance.
  • Collaborate with engineering, DevOps, product, and risk to ensure secure-by-design development and deployment, including across UK-based teams.
  • Regularly brief the CEO and senior management on security posture, threats, incidents, and risk levels.

Benefits

  • 25 days' annual leave, plus public holidays.
  • 401(k) plan: Smarkets matches 100% of employee contributions up to the first 6% of salary.
  • Private medical insurance: a monthly reimbursement towards the private health insurance plan of your choice.
  • Performance bonus of up to 25% of base salary.
  • Equity via share options scheme.
  • Annual professional development budget of $1,000 for conferences, training, courses, books, and other learning opportunities.
  • Work From Anywhere: up to 20 days per year (pro-rated) to work remotely from locations around the world.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service