Chief Information Security Officer chez DriveWealth
DriveWealth · New York, États-Unis d'Amérique · Hybrid
- Senior
- Bureau à New York
DriveWealth is a global B2B financial technology organization dedicated to democratizing access to financial independence around the world. Our mission is realized through an API-based platform, empowering our partners to offer seamless investing and trading experiences to clients worldwide, all from their mobile devices.
Our technology provides partners with a modern, extensible toolkit, enabling traditional investment workflows and innovative techniques like fractional share ownership. DriveWealth has evolved into a global platform offering trading of US equities, mutual funds, ETFs, fixed income, and options.
We seek enthusiastic professionals to contribute diverse perspectives and experiences to our Brokerage-as-a-Service platform. Our culture blends the pace and opportunity of a tech start-up with the impact, stability, and significance of Wall Street. We encourage creativity and experimentation while ensuring institutional-grade execution and regulatory compliance in everything we do. We value diversity and inclusion, celebrating the unique differences of our employees as we scale and grow together. We’re guided by operating principles grounded in accountability, teamwork, integrity, and solutions built to scale. Join us!
About the Role
As Chief Information Security Officer, you will be responsible for leading and strengthening the company’s entire security function across four key domains: Governance, Risk & Compliance (GRC), Offensive Security (Red Team), Defensive Security (Blue Team), and Security Engineering & Architecture. You will take charge of strategy, improve processes, manage budgets, and build out teams to support ambitious growth goals. The CISO will also represent security to senior leadership and the board, ensuring the organization is compliant with industry standards and ready for regulatory scrutiny.
What You’ll Do
- Oversee and enhance policy frameworks and regulatory compliance programs (e.g., SOC, ISO27001, GDPR)
- Conduct and improve security monitoring, incident response, and threat hunting functions
- Direct penetration testing and vendor management activities
- Lead the engineering of secure network and identity management systems in the cloud
- Build, mentor, and expand a skilled security team across underdeveloped areas (especially GRC and Blue Team)
- Engage with industry forums, prepare audit and compliance reports, and present to company leadership
- Drive readiness for public company listing and support ongoing business growth
What You’ll Need
- Strong experience in regulated industries (preferably fintech; healthcare also considered)
- Deep knowledge of cloud-first and zero-trust security models
- Proven track record in building full-scale security programs for public or pre-IPO companies
- Hands-on leadership with the ability to develop and expand high-performing teams
- Expertise in standards compliance, including SOC, ISO27001, and GDPR
- Experience presenting security strategy to executive and board-level leadership
- Familiarity with security certifications and regulatory forums (e.g., FINRA, ISAC)
- Ability to manage budgets and vendor relationships in a dynamic environment
Compensation
Compensation package offerings are based on candidate experience and technical qualifications, as it relates to the role. These are identified and determined throughout your interviewing experience.
Please note: this role is expected to come into our office on a cadence set by the Hiring Manager/Team.
Benefits
- Competitive medical, dental, and vision insurance options
- Mental health resources
- Generous paid time off with observed holidays (varies per country)
- Paid parental leave for biological and adoptive parents
- Up to $2,500 or local equivalent each year to invest in continued education and personal development
- Up to $900 each year or local equivalent for fitness and wellness reimbursement
- Company-provided phone (varies by country)
- Hybrid work experience that allows for flexibility
- For HQ in-office employees, a daily lunch stipend, unlimited snacks, and engaging office space in the Financial District
- Pre-tax commuter benefits (US only)
- Employer 401K match (US only)
Benefit offerings vary based on country and are subject to change.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
TO ALL AGENCIES: Please, no phone calls or emails to any employee of DriveWealth outside of the Talent organization. DriveWealth’s policy is to only accept resumes from agencies via Greenhouse (ATS). Agencies must have a valid services agreement executed and must have been assigned by the Talent team to a specific requisition. Any resume submitted outside of this process will be deemed the sole property of DriveWealth. In the event a candidate submitted outside of this policy is hired, no fee or payment will be paid.
