Chief Information Security Officer

Chief Information Security Officer

Location: East Coast, USA (Ideally New York City or Atlanta)

Industry:

Financial Technology \& Digital Infrastructure

Role Overview

We are seeking an experienced Chief Information Security Officer to lead and evolve the organization’s global cybersecurity strategy, governance, and operational resilience program. This executive role is ideal for a security leader who can balance innovation, regulatory expectations, and scalable engineering practices within a fast-growing technology environment.

Reporting to executive leadership and partnering closely with senior stakeholders, the CISO will oversee enterprise security strategy, risk management, compliance readiness, and incident response capabilities while helping enable the company’s next phase of growth.

The ideal candidate brings a modern approach to security — emphasizing automation, resilience, secure development practices, and pragmatic risk management in highly regulated or complex operational environments.

Key Responsibilities

Security Governance \& Regulatory Leadership

• Lead the enterprise cybersecurity program and associated governance initiatives across the organization.
• Oversee security risk assessments, compliance readiness activities, and executive reporting processes.
• Partner with legal, compliance, and executive leadership on cyber incident disclosure, materiality assessments, and regulatory response procedures.
• Deliver regular cybersecurity and enterprise risk updates to senior leadership and board-level stakeholders.
• Support evolving international security and privacy requirements relevant to global operations.

Emerging Technology \& Infrastructure Security

• Develop governance frameworks for advanced automation and

AI-enabled systems.

• Oversee the protection of critical financial and transaction infrastructure, including secure identity, access, and authentication controls.
• Drive enterprise-wide Zero Trust and identity-first security initiatives for both workforce and machine identities.
• Advance continuous compliance and security automation initiatives, including policy-driven monitoring and evidence collection.

Security Engineering \& DevSecOps

• Promote secure-by-design engineering practices and integrate security controls into development workflows.
• Build scalable guardrails and automated security controls that enable engineering velocity without compromising risk standards.
• Establish risk-based vulnerability management practices focused on operational impact and threat prioritization.

Operational Security \& Resilience

• Lead enterprise incident response, crisis management, and business continuity planning activities.
• Conduct executive-level tabletop exercises focused on operational disruption, cyber threats, and fraud scenarios.
• Oversee third-party and vendor security risk management programs for strategic technology and infrastructure partners.
• Build and mentor high-performing distributed security teams across multiple functions and disciplines.

Ideal Candidate Profile

Qualifications \& Experience

• CISSP or equivalent senior cybersecurity certification required.
• 10\+ years of progressive experience in information security leadership roles.
• Experience operating within regulated, high-growth, or technology-driven environments.
• Strong background in cloud-native infrastructure and modern security architectures.
• Familiarity with financial systems, digital transaction platforms, AI-enabled technologies, or emerging infrastructure models is highly desirable.
• Advanced degree or executive-level cybersecurity leadership training preferred.

Leadership \& Communication

• Strategic thinker with the ability to align security initiatives to broader business objectives.
• Comfortable navigating ambiguity and balancing operational speed with risk management expectations.
• Proven experience leading organizations through rapid growth, transformation, or evolving regulatory environments.
• Collaborative and influential leader capable of engaging both technical teams and executive stakeholders in distributed environments.