Chief Information Security Officer

We are seeking a highly motivated and experienced Chief Information Security Officer to join our growing team.

The Chief Information Security Officer will join the executive team to take accountability for the strategy and execution of InfoSec initiatives. This is a ‘hands-on’ role. As the only dedicated security specialist, most of your time will be spent executing your strategy, not managing a team initially. Over time you will lead a growing team to deliver on strategic goals.

We've significant InfoSec policies and procedures org-wide, your task will be to enhance them further while preparing the firm for rapid, sustainable scaling.

This is an exciting opportunity to join a fast-growing digital asset brokerage, leveraging your security expertise to make a significant impact on our success. As CISO, you will report directly to the CEO while being peers with the CTO and other executives.

We are a Seed-stage VC-backed startup with 165% 2023 growth, a strong leadership team and 23 full-time staff. Most of the team is fanatical about Bitcoin's world-changing impact, and we prefer to work with other Bitcoin true believers.

Working Location

This is a remote/working-from-home position. We expect to open an office in Vilnius in 2025, but attendance will not be mandatory.

Timelines

Start date: December 2024, Interviews: October/ November

Working Week

• Monday - Friday; Flexible but ideally 9am - 6pm CET
• Out-of-hours; some expected to react to threats and during releases

Compensation

Depending on location, skills and experience, your package includes:

• Executive base pay
• 10% performance bonus
• Significant stake in our success via a share options package

Responsibilities

• Contribute positively and impactfully to our strategy and culture
• Lead and reinforce a culture of goal-setting and self-assessment
• Champion and demonstrate an outcome-focused approach to project work
• Lead teams that embrace mistakes, learn from them, and continually improve
• Lead retrospectives that dispassionately identify root causes and drive towards specific resolutions
• Help the company define its corporate strategy via Objectives and Key Results
• Implement lean security practices that mitigate risk with minimal friction
• Identify and control InfoSec risks in a structured proportionate manner
• Take accountability for all InfoSec tasks from colleagues
• Ensure compliance with relevant regulatory requirements
• Manage security and budgeting of cloud-based infrastructure
• Manage security of colleagues workstations and mobile devices (MDM)
• Create and maintain robust written documentation in collaboration with the legal team, external advisors while ensuring compliance with policies
• Lead a culture of security awareness and personal responsibility
• Lead threat-detection and incident response
• Lead and report on Vulnerability and patch management programmes.
• Regularly test systems for vulnerabilities via internal and external penetration testing and remediate detected vulnerabilities
• Ensure security throughout the SDLC(Software Development Life Cycle); inc CI/CD
• Make everyone around you better

Requirements

• Fluency in English and Lithuanian (Possible communication with the Bank of Lithuania)
• A background of working at startups
• Bachelor's degree in a related field
• A minimum of 5 years of experience in InfoSec, with at least 1 year in a leadership role.
• Proven track record of success in digital assets, fintech, financial services or similar industries
• Strong understanding or keen interest in the digital asset market.
• Excellent leadership and team management skills, with the ability to motivate and inspire others.
• Outstanding communication and interpersonal skills, with the ability to build strong relationships
• Analytical mindset, with a data-driven approach to decision-making and problem-solving
• A passion for delivering quality, effective solutions personally or via delegation
  

Nice to Have’s

• Russian speaking (Engineering team is majority Ukrainian)
• Passion for Bitcoin and digital assets
• DevSecOps Experience
• Experience interacting with regulators
• Experience implementing established security frameworks (Eg NIST/ ISO/IEC)
• Software engineering background
• Relevant Industry Qualification, eg:
• Certified Information Systems Security Professional (CISSP),
• Certified Information Security Manager (CISM),
• Certified in Risk and Information Systems Control (CRISC)

Hiring Process

Our hiring process ensures all staff are surrounded by competent, driven colleagues.

• Submit application/ CV to recruiter
• Complete mandatory (10-minute) form
• Screening call with CEO (15 minutes)
• CTO/ Security Contractor technical interview (45 minutes)
• CEO Full interview (45 minutes)
• Technologist Board member interview (20 minutes)
• Police record and background check