Information Security Officer

Job Description: Infosec Officer (CISO)

The Infosec Officer will be responsible for enterprise vision strategy and program to guarantee that information assets and technologies are suitably protected. This role includes creating and executing security policies procedures and programs to safeguard networks data and systems from online attacks with a particular focus on the unique challenges presented by Web 3.0 technologies. The  will collaborate closely with other business leaders to manage security risks coordinate security initiatives with business goals and ensure adherence to pertinent laws and standards.

Responsibilities:

• Develop and implement a comprehensive information security strategy to protect the organizations assets with a specific emphasis on securing Web 3.0 technologies including blockchain smart contracts decentralized applications (dApps) and digital assets.
• Establish and enforce security policies procedures and standards to safeguard the organizations data and systems ensuring that these measures are adapted to the decentralized and distributed nature of Web 3.0 environments.
• Lead the development and implementation of an enterprisewide information security program that addresses both traditional IT infrastructure and emerging Web 3.0 technologies.
• Conduct regular security risk assessments and audits including evaluations of smart contracts consensus mechanisms and cryptographic protocols to identify vulnerabilities and ensure compliance with regulatory requirements.
• Oversee the management of security incidents and investigations with a focus on detecting and mitigating threats specific to Web 3.0 such as vulnerabilities in decentralized finance (DeFi) platforms and nonfungible tokens (NFTs).
• Collaborate with engineering/technology and other departments to integrate security measures into the organizations technology infrastructure including Web 3.0 components such as blockchain nodes peertopeer networks and tokenized assets.
• Develop and manage the information security budget ensuring efficient allocation of resources to highpriority initiatives including the implementation of Web 3.0 security tools and platforms.
• Stay current with emerging security threats and technologies particularly in the Web 3.0 space and adapt strategies accordingly to mitigate risks.
• Provide regular reports to senior management and the board of directors on the status of the information security program including risk assessments incidents and compliance with specific insights into Web 3.0related risks.
• Lead the organizations response to security audits and assessments conducted by external parties including those related to Web 3.0 technologies.
• Promote a culture of security awareness across the organization through training and awareness programs with a focus on the risks and best practices associated with Web 3.0.
• Collaborate with legal and compliance teams to ensure adherence to relevant laws and regulations including data privacy laws and those specifically related to blockchain and digital assets.
• Develop and maintain strong relationships with external stakeholders including regulatory bodies industry associations and security vendors particularly in the Web 3.0 ecosystem.
• Oversee the selection and implementation of security solutions including firewalls intrusion detection/prevention systems encryption technologies and Web 3.0specific tools such as blockchain analysis platforms and smart contract auditing tools.
• Manage and mentor a team of security professionals providing guidance coaching and career development opportunities with an emphasis on building expertise in Web 3.0 security.
• Ensure the organizations security certifications (e.g. ISO 27001 NIST Cybersecurity Framework) are maintained and updated and pursue new certifications or standards relevant to Web 3.0 technologies.
• Develop and implement a robust incident response plan to address potential security breaches including those unique to decentralized environments and minimize impact.

Qualifications :

• Bachelors degree in computer science information technology or a related field; advanced degree preferred.
• 8 years of experience in information security with at least 8 years in a senior leadership role.
• Strong knowledge of information security standards and frameworks (e.g. ISO 27001 NIST Cybersecurity Framework CIS Controls) and their application in both traditional and Web 3.0 environments.
• Proven experience in developing and implementing comprehensive information security programs including strategies for securing Web 3.0 technologies.
• Solid understanding of risk management principles and practices with experience in assessing and mitigating risks in decentralized and blockchainbased environments.
• Experience conducting security risk assessments and developing mitigation strategies for both traditional IT and Web 3.0 technologies.
• Indepth knowledge of regulatory requirements related to information security data privacy and Web 3.0 technologies.
• Strong leadership skills with the ability to inspire and motivate teams.
• Exceptional communication and interpersonal skills with the ability to interact effectively at all levels of the organization.
• Analytical mindset with the ability to think critically and solve complex problems particularly in the context of Web 3.0 security challenges.
• Detailoriented with strong organizational and project management skills.
• Ability to navigate and influence in a complex and fastpaced business environment.
• Professional certifications such as Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) or Certified in Risk and Information Systems Control (CRISC) are highly desirable. Knowledge or certification in blockchain security is a plus.
• High ethical standards and a commitment to maintaining confidentiality and integrity.
• Excellent business acumen and a commercial outlook with a deep understanding of the evolving Web 3.0 landscape.
• An approved person by CBB is desirable.

Remote Work :

No

Employment Type :

Fulltime