Job DescriptionThe
Chief Information Security Officer (CISO) is responsible for establishing and executing the enterprise cybersecurity strategy for a high-growth, private fintech company operating in a highly regulated, cloud-first environment. As a forward-thinking technology and business leader, you recognize cybersecurity and artificial intelligence as strategic business enablers. You will partner across technology, product, legal, compliance, and operations to protect customer trust, enable secure innovation, and support the business future direction. Operating effectively at both the Senior Leadership Team/Board and operational levels, you will scale a mature, risk-based security program to align with regulatory expectations, investor scrutiny, and rapid fintech growth.
Key ResponsibilitiesExecutive Leadership & Strategy- Define and execute a multi-year, enterprise-wide cybersecurity strategy aligned with business objectives and future growth.
- Serve as a trusted primary security advisor to executive leadership, the Board of Directors, regulators, and external partners.
- Translate cyber risk into business impact and build a modern, metrics-driven, risk-based security organization focused on enablement, automation, and measurable risk reduction.
- Know when a regulated corporate governance function becomes the mainstay of the organization.
Governance, Risk & Compliance (GRC) & Public Company Readiness- Knowledge and Oversight of SEC expectations and Sarbanes-Oxley Act (SOX) ITGCs processes.
- Direct enterprise security governance aligned to critical fintech regulatory obligations, including PCI DSS 4.0, SOC 1/SOC 2, GLBA, FFIEC guidance, and state privacy regulations.
- Develop and maintain board-level reporting and risk disclosures, while partnering with Legal, Finance, and Audit on cyber risk governance.
- Oversee enterprise risk management, third-party vendor security, and continuous audit readiness across frameworks such as NIST and ISO 27001.
Security Operations, Cloud & Product Security- Oversee the Security Operations Center (SOC), incident response, threat detection, digital forensics, and vulnerability management.
- Drive robust cloud security posture and strategy across AWS, Azure, and/or GCP environments.
- Partner with Engineering and Product to embed secure-by-design and DevSecOps principles across the software development lifecycle (SDLC).
- Lead enterprise identity and access management (IAM) strategy, Zero Trust architecture, and data protection programs to safeguard customer financial data.
- Be the Trust Center customers need to know their data is secure.
AI Security, Governance & Innovation Strategy- Serve as the executive sponsor for the secure, responsible, and business-aligned adoption of AI and machine learning technologies.
- Establish enterprise, controls, and guardrails to assess and manage AI risks, including data leakage, prompt injection, intellectual property protection, and model bias.
- Partner with engineering to enable secure AI innovation that enhances operational efficiency, fraud detection, and customer experience.
- Drive modernization leveraging AI-driven security operations, automation, and predictive threat detection.
- Guide the organization on its journey of AI advancements with a security mindset.
Team Leadership, Culture & Customer Engagement- Build, mentor, and retain high-performing cybersecurity teams, fostering a culture of accountability and continuous improvement.
- Drive a shift from reactive compliance mindset to a proactive risk-management framework that enables business velocity and product innovation.
- Champion a security-first culture across engineering and business teams, balancing security rigor with business velocity.
- Act as the executive security lead during customer due diligence, strategic partnerships, and regulator interactions.
QualificationsRequired Experience & Competencies- 12+ years of progressive cybersecurity leadership experience, including CISO or equivalent senior leadership responsibilities.
- Proven track record in fintech, financial services, and/or highly regulated environments.
- Technical expertise in cloud security architecture, DevSecOps, IAM, and modern attack vectors.
- Extensive experience with compliance and risk management frameworks (PCI DSS 4.0, SOC 2, NIST CSF, ISO 27001, GLBA).
- Demonstrated experience securing AI/ML systems or emerging technologies, including understanding AI-driven cyber risks.
- Experience building a defensible security posture that withstands external institutional audits and future investment events.
- Strong executive presence and communication skills, with extensive experience presenting to Boards of Directors and executive teams.
- Strategic thinker with strong operational execution capabilities and the ability to manage cyber crisis events and incident response.
Preferred Qualifications- Proven experience with regulated corporate governance functions.
- Familiarity with M&A security integration and scaling.
- Experience governing enterprise AI programs and familiarity with frameworks like the NIST AI Risk Management Framework (AI RMF) and ISO/IEC 42001 7.
- Certifications such as CISSP, CISM, or CRISC.
Achieve well-being with:- 401 (k) with employer match
- Medical, dental, and vision with HSA and FSA options
- Competitive vacation and sick time off, as well as dedicated volunteer days
- Access to wellness support through Employee Assistance Program, physical and mental health wellness programs
- Pet care discounts for your furry family members
- Financial support in times of hardship with our Achieve Care Fund
- A safe place to connect and a commitment to diversity and inclusion through our six employee resource groups
We are proudly offering hybrid options in the Phoenix, AZ and San Francisco, CA metro markets.
Salary Range: $275,000 - $305,000 + bonus + equity + benefits.
This information represents the expected salary range for this role. Should we decide to make an offer for employment, we'll consider your location, experience, and other job-related factors.
#LI-KV1
Videos To Watchhttps://www.youtube.com/watch?v=PQPy1BCnTZg
