Chief Information Security Officer – CISO

Job not on LinkedIn

🕒 May 17

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of CEX.IO

CEX.IO

51 - 200 employees

Founded 2013

₿ Crypto

💸 Finance

💳 Fintech

💰 Seed Round on 2013-01

Crypto • Finance • Fintech

CEX. IO is a comprehensive cryptocurrency platform that allows users to buy, sell, trade, hold, and earn various cryptocurrencies. Since its inception in 2013, CEX. IO has been a leader in the crypto exchange industry, offering innovative solutions like crypto purchases with credit and debit cards and pioneering instant withdrawal services. The platform is designed for both individual users and enterprises, providing a full suite of services including spot and margin trading, a crypto wallet, a trading API, and staking options. CEX. IO is committed to compliance and regulation, maintaining the necessary licenses and adhering to global regulatory standards, providing a secure and reliable environment for over six million users worldwide.

📋 Description

• Lead the implementation and maintenance of the ICT risk management framework to meet CNMV and ESMA standards • Supervise and control ICT services provided by CEX.IO Ltd (UK), including cloud infrastructure, software development, and security operations • Identify, assess, and mitigate technological risks. Conduct annual reviews of the Business Impact Analysis (BIA) and the ICT Risk Assessment • Act as the ultimate authority for initiating the Incident Response Plan (IRP) for high and critical levels. Coordinate the notification of major incidents to the CNMV within mandated timelines (4h/72h/30 days) • Supervise critical ICT third-party service providers, with a focus on monitoring and ensuring compliance with agreed SLAs, RPOs, and RTOs • Oversee the security of crypto-asset custody solutions (Proprietary V2/V3 and external sub-custodians, like Coinbase). Ensure the integrity of MPC (Multi-Party Computation), HSM (Hardware Security Modules), and multisig signing processes. • Supervise the Secure Software Development Life Cycle and validate security testing in pre-production (UAT) environments before deployment • Approve and collaborate on operational resilience testing plans and specific tests regarding Distributed Ledger Technology (DLT) • Maintain a unified and centralized inventory of CEX.IO systems and infrastructure

🎯 Requirements

• University degree in Engineering, Computer Science, or Cybersecurity (ideally complemented by relevant certifications such as CISM or CISSP). • Proven track record in building cybersecurity frameworks and complying with EU financial regulations (DORA, MiCA, PCI DSS) • Technical Knowledge: Secure cloud architecture (specifically AWS environments) • Vulnerability management and monitoring tools (Grafana, Kibana, SIEM) • Cryptographic protocols and secure private key management • Strong communication skills for interacting with regulators and the ability to lead global technical teams under a "hub and spoke" operational model

🏖️ Benefits

• Professional development opportunities

Apply Now