Chief Information Security Officer

This is a hands-on leadership role for a professional who has previously served as a CISO or senior security executive in a highly regulated financial institution, with direct experience interfacing with the Board of Directors and leading end-to-end security programs.

What You’ll Be Responsible For:

Full accountability for the organization’s cybersecurity strategy, operations, and risk posture

Direct leadership of a multidisciplinary security team, including Security Architecture, GRC, and SOC

Building and maintaining company-wide information security policies, standards, and controls

Overseeing security operations, including SIEM/SOC (outsourced), incident response, and vulnerability management

Leading regulatory compliance efforts and responding to audits and third-party security assessments

Partnering with internal departments and external vendors/clients across the supply chain to ensure security by design

Driving periodic risk assessments, penetration testing, and awareness initiatives

Providing ongoing reporting to senior leadership and the Board regarding security status and business risk

Mapping and classifying organizational assets, determining required controls based on sensitivity

Coaching, mentoring, and growing the internal InfoSec team and fostering a culture of cyber resilience

Who We’re Looking For:

Minimum 5 years of experience in information security and cyber risk leadership roles – prior CISO experience is required - Must

Demonstrated experience working directly with Boards of Directors and executive management – mandatory - Must

Background in financial institutions or other regulated industries - Must

Deep knowledge of regulatory and compliance frameworks: ISO 27001, PCI-DSS, GDPR - Must

Professional certifications: CISSP and/or CISM - Must

Familiarity with cloud security, modern security architecture, and enterprise environments - Must

Strong track record in managing large-scale security programs, budgets, and cross-functional initiatives - Must

Proven ability to lead during complex incidents and communicate technical risk in business terms

High level of technological proficiency and familiarity with leading InfoSec platforms