F
Posted 14 hours ago
Chief Information Security Officer
FloatMe
Requirements
10+ years progressive information security experience, 2+ years in senior IC or leadership role, Hands-on SOC 2 Type I/II audit leadership, GLBA, PCI DSS, and financial services compliance knowledge, Bank partner or enterprise security review experience, Cloud security proficiency (AWS, Cloudflare preferred), SIEM, EDR, vulnerability management, and secrets management experience, Incident response program experience, Strong written and verbal communication skills, Fintech or consumer financial services experience preferred, CISSP, CISM, CISA, or equivalent preferred
Skills
AWSCloudflareSIEMEDRGoFlutterPCI DSSIAM
About the role
Responsibilities
- Steer architecture of Cloud, Device, Code, App, AI, and Network infrastructure with security-first designs
- Set direction for IT, Data, and Security staff on infrastructure, integrations, and partnerships
- Serve as primary security contact for bank and fintech partners, completing questionnaires and risk assessments
- Own SOC 2 Type II end-to-end, including scoping, control design, evidence collection, and auditor management
- Maintain compliance across GLBA, PCI DSS, and applicable financial services frameworks
- Manage core security infrastructure: SIEM, EDR, WAF, IAM, secrets management, and vulnerability scanning
- Conduct or manage penetration testing and vulnerability assessments, driving remediation to closure
- Lead incident response including triage, containment, forensics, post-incident review, and breach notification
- Build and run security awareness training and phishing simulations across the company
- Review and negotiate security requirements in partner and vendor contracts
- Partner with Product, Engineering, Finance, and Legal to embed security into all products
- Develop and maintain a multi-year security roadmap and report posture and risk to executive leadership
Requirements
- 10+ years progressive information security experience, with 2+ years in a senior IC or leadership role
- Hands-on experience leading SOC 2 Type I/II audits from scoping through certification
- Practical knowledge of GLBA, PCI DSS, and financial services compliance requirements
- Experience managing bank partner or enterprise security reviews (e.g., SIG, CAIQ, VSA)
- Proficiency with cloud security (AWS and Cloudflare preferred), including IAM, VPCs, CloudTrail, GuardDuty, or equivalents
- Hands-on experience with penetration testing methodologies or managing third-party engagements
- Strong working knowledge of SIEM, EDR, vulnerability management, and secrets management tooling
- Experience building and running an incident response program with playbooks and tabletop exercises
- Excellent written and verbal communication skills; ability to explain technical risk to non-technical stakeholders
- Experience in fintech, neobank, lending, or consumer financial services strongly preferred
- CISSP, CISM, CISA, or equivalent certification a plus
Preferred Qualifications
- Ability to read, review, or automate review of server-side code for security (Golang)
- Ability to read, review, or automate review of apps-side code for security (Flutter)
About the Company
FloatMe is a fast-moving fintech building consumer financial products.
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeChief Information Security Officer
FloatMe · San Antonio
