Chief Information Security Officer (CISO)
About the role
We're hiring a Chief Information Security Officer (CISO) to own and elevate our security program at FloatMe. We are looking for someone who can help us as we scale through bank partnerships, pursue SOC2 compliance, and maintain the highest security for our users. As our CISO, you'll be both a strategic leader and a hands-on practitioner. This role isn't a purely executive seat - we need someone who can sit in a compliance review one hour and be configuring security tooling the next. You'll own our security roadmap, our compliance certifications, our partner security reviews, and the day-to-day technical operations that keep our members' data safe. We're a small, nimble team, which means this role requires the flexibility to switch gears between tactical execution and strategic planning. This role reports to our SVP, Engineering. If you're excited to join a fast-moving fintech where you can build something meaningful, we'd love to hear from you!
Responsibilities
- Serve as the primary security point of contact for our bank and fintech partners, completing security questionnaires, third-party risk assessments, and due diligence requests.
- Steer the architecture of our Cloud, Device, and Network infrastructure with a mind for security-first designs and plans.
- Set the direction for a small number of our staff regarding our infrastructure design, security, integrations and partnerships, and more (IT, Data, and Security).
- Own our SOC 2 Type II program end-to-end, including scoping, control design, evidence collection, and auditor management.
- Maintain and strengthen our compliance posture across GLBA, PCI DSS, and other applicable financial services regulatory frameworks.
- Manage and improve our core security infrastructure: SIEM, EDR, WAF, IAM, secrets management, and vulnerability scanning tools.
- Conduct or manage regular penetration testing and vulnerability assessments, and drive remediation to closure.
- Lead incident response efforts - including hands-on triage, containment, forensics, post-incident review, and breach notification processes.
- Build and run security awareness training and phishing simulations across the company.
- Review and negotiate security requirements in partner and vendor contracts.
- Partner cross-functionally with Product, Engineering, Finance, and Legal to embed security into everything we build.
- Develop and maintain our multi-year security roadmap and report security posture and risk to executive leadership.
Requirements
- A compliance expert - You have deep, practical experience leading SOC 2 audits and navigating financial services frameworks like GLBA and PCI DSS. You know what auditors actually look for.
- A skilled communicator - You can translate complex technical risk into plain language for bank partners, executives, and non-technical teammates. You're a trusted voice in the room.
- A builder and operator - You're energized by building and improving things, not just inheriting them. You're comfortable owning both strategy and execution simultaneously.
- A collaborative team player - You work closely with engineering, product, and compliance without becoming a blocker. You protect the business without slowing it down.
- Passionate about fintech - You understand the unique security and compliance landscape of consumer financial products and are excited about what we're building.
Who You Are Not
- An auditor or "paper pusher" - We need you not only to help us decide what security posture we need, but to help implement that posture yourself. We're a smaller but very effective team and really need this player to be very hands-on.
- A recreational player - We are looking for someone hungry and competitive, an impact player who can truly "cover" this area of our company, making us all sleep easier at night knowing that you have our security and infrastructure posture well-covered.
- Demonstrated hands-on experience leading SOC 2 Type I/II audits from scoping through certification.
- Practical knowledge of