Chief Information Security Officer

We are COMPLY .

For compliance people.

We pride ourselves on being the champion for compliance professionals. Merging technology consulting and education we help clients navigate the ever-changing regulatory environment. We serve more than 7000 clients globally through our solutions including ComplySci RIA in a Box National Regulatory Service (NRS) and illumis. We are a high-growth organization and have been recognized with numerous awards including by Inc. 5000 Institutional Asset Manager Awards Private Equity Wire Awards and the Women in Data & Technology Awards.

COMPLY is made up of 350+ professionals worldwide. In the US alone we have team members in 45 states. Employees of COMPLY have access to comprehensive benefits unlimited PTO paid bonding leave and 100% remote work flexibility with a WFH stipend.

Come join our team of talented innovators working together to forge the next generation of compliance.

To learn more about COMPLY visit COMPLY.com .

The Chief Information Security Officer ( CISO ) plays a key role in developing and executing our organization's information security strategy. You will be responsible for designing and implementing comprehensive security programs managing security initiatives and building a culture of security awareness and compliance throughout the organization. You have experience in SaaS businesses ensuring security and compliance of products that handle sensitive information.

Responsibilities:

• Information Security Strategy: Develop and implement an information security strategy that aligns with the organization's objectives and regulatory requirements.

• Risk Management: Assess and prioritize security risks and vulnerabilities and create plans to mitigate these risks effectively.

• Security Policies and Procedures: Establish and maintain information security policies standards and procedures in accordance with best practices and industry standards.

• Security Compliance: Ensure compliance with relevant laws regulations and industry standards including but not limited to GDPR HIPAA ISO 27001 NIST etc.

• Incident Response: Develop and oversee an incident response plan including breach response and lead investigations as needed.

• Security Awareness: Foster a culture of security awareness and compliance among employees through training programs communication and awareness initiatives.

• Security Technology: Evaluate select and implement security technologies and tools including firewalls intrusion detection systems and encryption.

• Vendor and Third-Party Risk Management: Assess and manage the security risks associated with third-party vendors and service providers.

• Security Audits and Assessments: Oversee security audits and assessments to identify vulnerabilities and ensure compliance.

• Budget Management: Manage the information security budget making cost-effective decisions that ensure the organization's security.

• Security Reporting: Provide regular reports to executive management and stakeholders on the status of the organization's security.

• Team Leadership: Build and manage a high-performing information security team.

Qualifications:

• Bachelor's or Master’s degree in Computer Science Information Security or related field.

• 10+ years of experience in information security with at least 5 years in a leadership role ideally within a SaaS or FinTech organization

• Relevant industry certifications such as CISSP CISM CISA or similar

• Deep understanding of security risks threat landscape and best practices in the FinTech and SaaS industries

• Experience managing programs to maintain certifications like SOC2 ISO 27001 FedRAMP CSA STAR or similar

• Exceptional leadership and organizational skills.

• Excellent communication and interpersonal abilities

• Strong analytical and problem-solving skills

Nice to have:

• Experience working with software development and operations teams

• Understanding of security practices in agile software development

• Experience with cloud security (AWS Azure Google Cloud etc.) APIs and container security

• Expertise working with global teams in different geographies and time zones

$185000 - $200000 a year

The compensation range for this role is specific to the United States and takes into account a wide range of factors that are considered in making compensation decisions including but not limited to skill sets training licensure and certification and experience. A reasonable estimate of the base salary range for this role would be $185000-$200000 plus applicable bonus/benefits offerings etc as those similarly situated within the Company.

COMPLY is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race color religion disability sex sexual orientation gender identity or national origin. Nothing in this job posting should be construed as an offer or guarantee of employment.