ChiefInformationSecurityOfficer

## Accountabilities Define and execute the enterprise cybersecurity strategy aligned with business objectives, regulatory requirements, and risk appetite. Lead and scale the security organization, covering enterprise IT security, application security, threat detection and response, and GRC functions. Oversee governance, risk, and compliance programs aligned with frameworks such as SOC 2, SOX ITGC, and ISO 27001. Drive secure-by-design architecture across infrastructure, applications, IAM/PAM, and custodial integrations. Own incident response strategy, including detection, containment, recovery, post-incident analysis, and continuous improvement. Lead vulnerability management and patching programs, ensuring risk-based prioritization across systems and environments. Develop and enforce third-party and vendor risk management processes, including security reviews and due diligence. Build a strong security awareness culture through training programs tailored to technical, operational, and executive audiences. Provide executive and board-level reporting on risk posture, emerging threats, and security program effectiveness. Champion agentic and AI-driven security initiatives, including automation of controls, compliance evidence, and security operations workflows. Requirements: 10+ years of experience in information security, including senior leadership or executive-level responsibility. Proven track record of building, leading, and scaling security teams in fast-paced or high-growth environments. Strong expertise across cybersecurity domains including threat detection, incident response, security architecture, and GRC. Experience working in regulated environments such as fintech, financial services, or publicly traded companies is highly desirable. Deep understanding of security frameworks including SOC 2, ISO 27001, and SOX ITGC controls. Experience with cloud-native security, IAM/PAM, and modern application security practices. Strong ability to translate technical risks