Senior Information Security Officer (Arbo)
Role details
Job location
Tech stack
Job description
Chief Information Security Officer (CISO) Location: Remote.Schedule: Full-time.We are seeking a highly experienced security and risk executive to join Criptan as the ultimate owner of information security, compliance, and enterprise risk management.Reporting directly to the Board, this role is critical to safeguarding our organization, ensuring regulatory alignment, and embedding a culture of security across all business units.Responsibilities Act as the executive owner of information security and risk management, reporting directly to the Board.Develop and maintain a comprehensive security and compliance strategy aligned with Criptan's business goals and European regulatory requirements (MiCA, DORA, GDPR, ISO?, SOC?2).Oversee the design and governance of security policies, frameworks, and internal controls across all business units.Lead the enterprise risk management function, including cyber risk, operational risk, third?party/vendor risk, and business continuity.Serve as the primary point of contact with regulators, auditors, and external stakeholders on information security and compliance matters.Provide regular risk and security updates to the Board, including dashboards, KPIs, and strategic recommendations.Supervise security audits, penetration tests, and certifications, ensuring continuous improvement of Criptan's security posture.Champion a security culture across the organization, providing leadership, training, and communication at all levels.Ensure that engineering and operations teams integrate security by design into the technical stack: Backend: Node.Js, Frontend / Mobile / Web: Flutter, Databases: MySQL, DynamoDB, Redis, Infrastructure: AWS (multi?AZ, containerized workloads, IAM, WAF, monitoring, etc.).Qualifications ~5+ years of progressive experience in information security, risk, or compliance.Proven success in regulated financial services, fintech, or crypto environments, including engagement with regulators.Deep knowledge of European regulatory frameworks (MiCA, DORA, GDPR) and international standards (ISO?, SOC?2, NIST).Recognized professional certifications highly desirable: CISSP, CISM, CISA, ISO?***** Lead Implementer / Auditor.Familiarity with modern cloud?native technology stacks (AWS, Node.Js, Flutter, MySQL) is a plus.Focus is on governance, not hands?on coding.#J-*****-Ljbffr
Requirements
Qualifications ~5+ years of progressive experience in information security, risk, or compliance. Proven success in regulated financial services, fintech, or crypto environments, including engagement with regulators. Deep knowledge of European regulatory frameworks (MiCA, DORA, GDPR) and international standards (ISO?, SOC?2, NIST). Recognized professional certifications highly desirable: CISSP, CISM, CISA, ISO? Lead Implementer / Auditor. Familiarity with modern cloud?native technology stacks (AWS, Node.Js, Flutter, MySQL) is a plus.