Chief Information Security Officer

About the role

DriveWealth is on a mission to make investing easier. We believe that everyone should have the ability to control their financial future, and that access to financial markets should not be limited by geography, wealth, or legacy systems. We are a global B2B financial technology organization dedicated to democratizing access to financial independence around the world. Our mission is realized through an API-based platform, empowering our partners to offer seamless investing and trading experiences to clients worldwide, all from their mobile devices. Our technology provides partners with a modern, extensible toolkit, enabling traditional investment workflows and innovative techniques like fractional share ownership. DriveWealth has evolved into a global platform offering trading of US equities, mutual funds, ETFs, fixed income, and options. There's never been a better time to build a category-defining business and there has rarely been a team better positioned for this opportunity. Our culture blends the pace and agility of a fintech start-up with the impact, stability, and discipline of Wall Street. We encourage creativity and experimentation while ensuring institutional-grade execution and regulatory compliance in everything we do. Join us and help build the future of global investing! As Chief Information Security Officer, you will be responsible for leading and strengthening the company's entire security function across four key domains: Governance, Risk & Compliance (GRC), Offensive Security (Red Team), Defensive Security (Blue Team), and Security Engineering & Architecture. You will take charge of strategy, improve processes, manage budgets, and build out teams to support ambitious growth goals. The CISO will also represent security to senior leadership and the board, ensuring the organization is compliant with industry standards and ready for regulatory scrutiny.

Responsibilities

• Oversee and enhance policy frameworks and regulatory compliance programs (e.g., SOC, ISO27001, GDPR)
• Conduct and improve security monitoring, incident response, and threat hunting functions
• Direct penetration testing and vendor management activities
• Lead the engineering of secure network and identity management systems in the cloud
• Build, mentor, and expand a skilled security team across underdeveloped areas (especially GRC and Blue Team)
• Engage with industry forums, prepare audit and compliance reports, and present to company leadership
• Drive readiness for public company listing and support ongoing business growth

Requirements

• Strong experience in regulated industries (preferably fintech; healthcare also considered)
• Deep knowledge of cloud-first and zero-trust security models
• Proven track record in building full-scale security programs for public or pre-IPO companies
• Hands-on leadership with the ability to develop and expand high-performing teams
• Expertise in standards compliance, including SOC, ISO27001, and GDPR
• Experience presenting security strategy to executive and board-level leadership
• Familiarity with security certifications and regulatory forums (e.g., FINRA, ISAC)
• Ability to manage budgets and vendor relationships in a dynamic environment
• Compensation package offerings are based on candidate experience and technical qualifications, as it relates to the role. These are identified and determined throughout your interviewing experience.
• Please note : this role is expected to come into our office on a cadence set by the Hiring Manager/Team.
• New York, NY (Hybrid) Pay Range
• $300,000 - $400,000 USD
• Working at DriveWealth
• Work Authorization
• Applicants must possess the legal right to work in the country where the position is located at the time of application. DriveWealth requires all employees to provide original documentation verifying their work authorization on or before their first day of employment.

Benefits

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at drivewealth? Share your experience