About the Role

Zero Hash is looking for an experienced and passionate Chief Information Security Office (CISO) to lead our Infrastructure team. In this role, you will help secure our systems by designing and creating software, processes and policies, and championing their adoption across engineering and the rest of the company. You are responsible for ensuring that Zero Hash’s corporate and production systems exceed industry security and compliance standards by implementing security measures to monitor and protect sensitive data and systems.

What you will do

  • Develop and maintain a world-class security infrastructure, processes and teams
  • Perform security risk assessments to identify gaps, come up with recommendations and drive the gaps to completion
  • Conduct company-wide information security awareness training
  • Draft and maintain information security standards, policies and best practices for a scaling business in our position
  • Develop processes and procedures that mitigate and prevent vulnerabilities
  • Advise teams on developing pragmatic solutions that achieve business requirements and also maintain acceptable levels of risk
  • Evangelize security best practices across the organization
  • Collaborate with dev teams to apply a shift-left security strategy in the development lifecycle
  • Respond to security audits and security assessment requests
  • Get your hands dirty managing and improving our security operations tooling and architecture

Desired Skills

  • Minimum 8+ years of experience in a combination of risk management, information security and security engineering roles with at least 4 years in a senior leadership role
  • Experience working in a current CISO/Head of Security role
  • The ability to effectively communicate with both engineers and non-engineers to propose initiatives successfully
  • Direct experience leading and managing Information Security Management Systems to support SOC 2 and ISO 27001 compliance
  • Relevant experience managing security on cloud computer platforms (e.g. AWS).
  • Proven experience implementing and managing technical controls to support observability for potential security events. E.g. SIEM, end point protection, etc
  • Experience with common security monitoring, log analysis and forensic tools
  • Understanding of blockchain technology, signing, encryption and common attacks
  • Fantastic communication skills in both spoken and written forms to explain complex ideas to various audiences; such as, internal stakeholders and external customers and auditors
  • You thrive in an environment where collaboration and communication are paramount but are able to solve problems on your own
  • Certification in one or more technical information security disciplines (e.g. CISSP, CISM, CISA, SSCP, CCSP)