Chief Information Security Officer (CISO)

CAIS$270K — $320K *
Finance & Insurance
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Proven experience in cybersecurity within financial services or regulated industries.
  • Hands-on technical background in security engineering, cloud security, or incident response.
  • Expertise in risk management frameworks and vendor security protocols.
  • Strong understanding of compliance regulations for financial institutions.
  • Experience in developing AI security strategies for machine learning systems.
  • Certifications such as CISSP, CISM, or CISA are preferred.
  • Excellent communication skills to influence stakeholders effectively.

Responsibilities

  • Create and implement a comprehensive security strategy to protect sensitive financial data.
  • Assess and mitigate cyber threats and vulnerabilities continuously.
  • Lead operational risk management, including identifying and mitigating risks.
  • Ensure the firm complies with financial regulations and manage audits.
  • Evaluate security risks from third parties and cloud vendors.
  • Lead incident response efforts to manage security incidents and crises.
  • Design secure technology infrastructure including cloud and endpoint security.
  • Develop AI security frameworks ensuring data integrity and compliance.

Benefits

  • Generously subsidized healthcare, including 100% employer-paid dental and vision.
  • Employer-matched retirement plan and wellness programs.
  • Generous PTO and parental leave policies.
  • Flexible hybrid work model requiring only 3 days in office per week.
Full Job Description
CAIS is seeking a Chief Information Security Officer (CISO) who pairs deep technical expertise with strategic vision to lead the firm's cybersecurity program and Operational Risk Management practices. This role will drive security strategy-including AI security strategy-mitigate risks, ensure regulatory compliance, and protect critical financial assets and client data. The CISO will oversee all cybersecurity and operational risk functions while remaining hands-on with architecture, tooling, and incident response, and will ensure third-party and vendor security align with the firm's risk management framework. Responsibilities • Cybersecurity Leadership: Develop and execute a comprehensive security strategy aligned with industry standards (NIST, ISO 27001, CIS Controls) to safeguard sensitive financial data. • Risk Management & Threat Intelligence: Continuously assess cyber threats, vulnerabilities, and implement proactive security measures. • Operational Risk Oversight: Lead the firm's operational risk management framework, including identification, assessment, and mitigation of operational risks across business processes, technology systems, and third-party relationships. • Regulatory Compliance & Audit: Ensure compliance with financial industry regulations (SEC, FINRA, SOC 2), managing audits and certifications. • Third-Party & Vendor Security: Evaluate and manage security risks associated with external partners, vendors, and cloud service providers, ensuring compliance with cybersecurity policies. • Incident Response & Crisis Management: Lead the firm's response to security incidents, breaches, and fraud, ensuring swift resolution and recovery. • Technology & Infrastructure Security: Lead secure architecture design, cloud security, endpoint protection, and network security-personally engaging in design reviews, tooling evaluations, and technical decision-making. • AI Security Strategy: Develop and implement security policies and governance frameworks for AI and machine learning systems, ensuring responsible AI deployment, data integrity, model security, and compliance with emerging AI regulations. • Cybersecurity Operations: Direct and actively participate in day-to-day cybersecurity functions, including security monitoring, threat hunting, vulnerability management, and detection engineering. • Data Protection & Privacy: Implement robust encryption standards, access controls, and data governance policies. • Leadership & Collaboration: Partner with executive leadership, IT teams, and external stakeholders to align security initiatives with business objectives. • Employee Education & Awareness: Develop security training programs and promote a culture of cybersecurity across the organization. Qualifications • Proven track record in financial services cybersecurity or a regulated industry. • Experience in information security leadership roles with a strong hands-on technical background (e.g., security engineering, penetration testing, cloud security architecture, or incident response). • Expertise in risk management, operational risk frameworks, vendor security, cloud security, and encryption protocols. • Strong knowledge of regulatory compliance frameworks affecting financial institutions. • Experience developing AI security strategies, governance frameworks, and risk assessments for AI/ML systems. • CISSP, CISM, or CISA certifications preferred. • Excellent communication and leadership skills, with an ability to influence stakeholders at all levels. • A leader who thrives at the intersection of strategy and execution-equally comfortable presenting to the Board and working through a security incident hands-on. CAIS' compensation package includes a market competitive salary, a performance bonus, and exceptional benefits. If you are located in New York, New York, the base salary range for this role is $270,000 - $320,000. Actual compensation is influenced by a wide array of factors including but not limited to skill set, level of experience, and specific office location. CAIS offers a comprehensive benefits package that includes generously subsidized healthcare with 100% employer paid dental and vision insurance, an employer matched retirement plan, wellness programs, and generous PTO and parental leave. Additionally, CAIS offers a flexible, hybrid in-office model; for most roles, we do require a minimum of 3 days in office per week. For more information on our benefits and career opportunities, please visit our website: https://www.caisgroup.com/our-company/careers. We use technology, including AI tools, to support parts of our recruitment process such as application screening, interview scheduling, and candidate communications. These tools are used to improve efficiency and consistency, but they do not replace human judgement. All hiring decisions are made by people, and we are committed to fair and unbiased assessment of every candidate.

About CAIS

CAIS is a financial technology company that provides a platform for financial advisors to access alternative investments. The company's platform offers a range of alternative investment products, including hedge funds, private equity, and real estate. CAIS was founded in 2009 by Matt Brown, Rafay Farooqui, and Keith Danko. The company is headquartered in Boston, Massachusetts.
Learn more about CAIS
Size
100 employees
Industry
Founded
2009

Similar Jobs

More Jobs at CAIS

More Finance & Insurance Jobs

Find similar Chief Information Security Officer (CISO) jobs: