¡Activa las notificaciones laborales por email!
Chief
P2P.org
España
A distancia
EUR 90.000 - 110.000
Jornada completa
Descripción de la vacante
A leading fintech company is seeking a Chief Information Security Officer (CISO). You will define and execute the cybersecurity strategy, manage a team of experts, and ensure compliance with regulatory requirements. The role requires extensive experience in cybersecurity and secure architecture development. This position offers a competitive salary and fully remote work options.
Servicios
Formación
- Proven experience in developing security architectures.
- Demonstrated experience with public company requirements.
- Prior exposure to regulatory environments for fintech/crypto.
Responsabilidades
- Define and drive company-wide cybersecurity strategy.
- Build and mentor a high-performing cybersecurity team.
- Ensure compliance with SOC 2, ISO 27001, GDPR, and others.
Conocimientos
Educación
Herramientas
Chief Information Security Officer (CISO) P2P.org España A distancia EUR 90.000 - 110.000 Jornada completa
P2P.org is seeking an experienced Chief Information Security Officer (CISO) to define and execute our global security strategy. This role is pivotal in protecting our infrastructure, products, and clients against evolving threats while ensuring compliance with industry-leading security frameworks. As a senior leader, you will oversee a team of cybersecurity engineers, work closely with engineering and product, and ensure security is embedded across all aspects of product development and operations.
- Define and drive the company-wide cybersecurity strategy aligned with business, regulatory, and client needs.
- Build, lead, and mentor a high-performing team of cybersecurity and ICS engineers.
- Serve as executive-level liaison to regulators, auditors, clients, and (future) board committees.
- Partner with Risk, Legal, and Compliance teams to ensure readiness for public company standards (e.g., SOX, SEC disclosure requirements, risk management frameworks).
- Security Architecture & Engineering
- Lead hands-on technical work: penetration testing, exploit research, vulnerability assessments, and secure architecture reviews.
- Design and enforce security patterns for blockchain infrastructure, validator nodes, smart contracts, and cryptographic systems.
- Oversee architecture reviews, threat modeling, and code reviews for critical systems (web, API, mobile, blockchain).
- Build and maintain security architecture diagrams, process flows, and technical risk assessments.
- Operations & Compliance
- Establish and oversee security operations, monitoring, and incident response capabilities.
- Drive compliance with SOC 2, ISO 27001, GDPR, PCI DSS, and other regulatory/security frameworks.
- Prepare the company for future licensing and regulatory regimes (e.g., MiCA, U.S. state/federal regimes, MAS, FCA).
- Partner with product and engineering teams to embed security into the SDLC.
- Work with vendors and partners to validate and ensure secure integration.
Promote a strong security culture through training, awareness, and leadership.
- Experience
- 8+ years of proven experience in cybersecurity, software engineering, or computer science with a focus on security.
- 5+ years developing security programs or defining secure architectures.
- 3+ years directly managing cybersecurity engineers.
- Demonstrated experience preparing organizations for public company requirements (SOX ITGC, enterprise risk, audit readiness).
- Prior exposure to regulatory environments (FCA, SEC, ESMA, MAS, etc.) and licensing processes for fintech/crypto firms.
- Skills & Knowledge
- Deep technical expertise in penetration testing, threat modeling, and secure systems architecture.
- Strong knowledge of cloud-native security (AWS, GCP, Oracle cloud PaaS/IaaS/serverless).
- Strong knowledge of Kubernetes security.
- Familiarity with blockchain, crypto custody, validator infrastructure, and smart contract attack vectors.
- Proficiency in multiple programming languages (Python, Go, C/C++, JavaScript).
- Strong knowledge of common attacks and vulnerabilities (OWASP Top 10, SANS CWE 25).
- Expertise in security operations, SIEM, SOC design, incident response, and forensic analysis.
- Familiarity with CI/CD pipelines, DevSecOps practices, and agile methodologies.
- Certifications (preferred)
- CISSP, CISM, OSCP, OSWE, OSCE, CEH, Security+, GSEC.
- Cloud security certifications (AWS/GCP).
Audit/regulatory certifications (CISA, CRISC) a plus.
At P2P.org we have a team with ownership culture and a focus on building innovative security solutions. We offer fully remote work and a range of benefits described below.
- Fully remote
- Full-time contractor (Indefinite-term Consultancy Agreement)
- Competitive salary level in USD (crypto payment available)
- Paid vacation and sick leave
- Support for overseas conferences and community immersion
Equal opportunity statement: P2P.org is committed to providing equal opportunities. All applicants will be considered without regard to race, color, national origin, religion, sex, sexual orientation, gender identity, veteran status, or disability.
Seniority level: Executive
Employment type: Full-time
Job function: Information Technology
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
