Chief Information Security Officer

SAS - Global
Municipality of Madrid, Spain
11 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Municipality of Madrid, Spain

Tech stack

Amazon Web Services (AWS)
Software System Penetration Testing
Computer Security
Information Technology Consulting
DevOps
PCI Data Security Standards
Systems Development Life Cycle
Software Security
Information Technology
Cybercrime
Devsecops

Job description

Chief Information Security Officer (CISO)

Role Overview

We are seeking a decisive and hands-on Chief Information Security Officer (CISO) to take full ownership of the company's security agenda. This leader must drive security initiatives, manage crises, and embed security across the organization. The CISO will directly shape, enforce, and oversee the execution of cybersecurity strategy, ensuring alignment with business priorities and regulatory frameworks including MiCA, DORA, ISO, SOC 2, and PCI DSS.

During the first 6-12 months, the CISO is expected to play a highly operational "player-coach" role, personally overseeing processes, leading incident responses, and building the foundations of a mature security function.

Core Expectations

What "Hands-On" Means

* Active leadership during security incidents
* Proposing concrete preventive steps based on deep understanding of the product and attack vectors
* Personally drafting key security policies
* Leading training sessions and workshops
* Overseeing implementation of new processes and controls
* Managing security vendors and evaluating third-party risks
* Understanding AWS and the tech stack well enough to set clear tasks for engineering teams
* Analyzing penetration test and audit results and ensuring follow-up actions

The CISO's role is to build strong security processes and ensure they are followed.

Key Responsibilities

Strategic Leadership

* Develop and execute a comprehensive, scalable cybersecurity strategy
* Translate security needs into clear business cases and secure stakeholder alignment
* Build and scale the security organization and capability maturity
* Oversee regulatory compliance efforts across all relevant frameworks

Operational Ownership

* Lead incident response programs end-to-end: detection, containment, investigation, recovery
* Integrate security practices into the SDLC and DevSecOps workflows
* Evaluate and manage security tools, vendors, and third-party partners
* Ensure continuous improvement of security policies, processes, and controls

Governance & Compliance

* Lead the organization toward key certifications (ISO 27001, SOC 2, etc.)
* Stay ahead of EU and US regulatory developments, including GDPR, MiCA, DORA
* Maintain strong documentation and audit readiness

Culture & Communication

* Drive a company-wide security-awareness culture
* Provide clear, authoritative communication to executives and the board
* Train teams on policies, incident preparedness, and risk mitigation
* Build trust through expertise and collaboration across technical and non-technical teams

Requirements

Technical Expertise Required

* 10+ years in cybersecurity, including 3+ years in senior security leadership
* Experience leading security programs in regulated industries (crypto)
* Deep knowledge of modern security architecture:
  * AWS cloud security (required)
  * Network, endpoint, and application security
  * Threat modelling and attack surface reduction
* Strong experience implementing ISO 27001, SOC 2, MiCA, DORA, PCI DSS
* Expertise in responding to advanced threat actors, including APT groups
* Proven ability to integrate security into DevOps / DevSecOps environments
* Strong command of risk management and security governance

Leadership Qualities

* Crisis Command: Able to take decisive control during major incidents
* Inspiring Expertise: Leads by credibility, not authority
* Strategic Thinking: Aligns security with business and product innovation
* Influential Communicator: Confident with executives, auditors, regulators
* Change Champion: Capable of shifting organizational mindset toward strong security hygiene

Experience & Background

* Proven track record building and maturing security functions
* Experience managing multi-country security operations
* Strong understanding of global threat landscapes, APTs, zero-day risks, supply chain vulnerabilities
* Prior exposure to working with law enforcement or intelligence agencies is a plus

Must-Haves

* AWS cloud security proficiency
* Hands-on crisis and incident leadership experience
* Strong executive presence and communication skills
* Demonstrated ownership of compliance and certification initiatives
* Ability to build scalable, robust security processes
* Deep understanding of modern threat actors and attack vectors

Nice-to-Haves

* Public speaking, community leadership, or thought leadership in security
* Experience with government, intelligence, or cybercrime investigations
* Background combining both technical security and regulatory/compliance security

Key Challenges for the Incoming CISO

* Scaling cybersecurity capabilities alongside rapid business growth
* Meeting aggressive regulatory-readiness timelines (MiCA/DORA)
* Protecting the organization against sophisticated, state-sponsored attackers
* Building strong security posture with constrained budgets or resources
* Driving a cultural shift toward organization-wide security engagement
* Resetting and modernizing legacy security strategies and processes

Seniority level
Executive
Employment type
Full-time
Job function
Finance and Information Technology
Industries
Financial Services, Technology, Information and Media, and IT Services and IT Consulting
