Chief Information Security Officer REMOTE

Chief Information Security Officer

FULLY REMOTE

bitFlyer USA is based in San Francisco, CA

Who We Are

Looking to join a dynamic, international team with a passion for virtual currency and gain opportunities for career growth?

bitFlyer is one of the first cryptocurrency exchanges with licenses to operate across US, EU and Japan. We operate a virtual currency exchange, which provides our customers with a convenient, secure platform to buy and sell virtual currencies. With the lowest fees amongst regulated US exchanges, bitFlyer offers tools and services for our customers to start investing with ease. Our vision is to build a truly global Bitcoin and blockchain company to reflect the international nature of the virtual currency.

Established in January 2014 in Tokyo, bitFlyer expanded into the European Union and launched bitFlyer USA in San Francisco in November 2017. With over $180 billion global transaction volume in 2021, bitFlyer continues to grow our team.

Who You Are

As the CISO, you will be in charge of the bitFlyer US Information Security and IT Infrastructure Division. You will oversee and manage the US Information Security framework, ensuring compliance with regulatory requirements.

You will be an instrumental part of our growth story, working for a leading player of a fast-growth and revolutionary industry. You have a familiarity and/or genuine interest in Bitcoin and blockchain technology and are comfortable in a fully remote work environment.

We have, and are seeking to maintain, a New York BitLicense. You will help lead, develop, and maintain our information security program to ensure policy, infrastructure, safeguards, processes, and procedures align with company and regulatory needs. You will work in collaboration with key stakeholders from Japan and the EU, ensuring we implement best practices for information security governance, compliance, and risk management while driving other strategic security projects.

What You ll Do

• Report to executive leadership on the information security program, including annual program review, budgetary requirements, and on-going updates on recurring activities
• Be responsible for the success, leadership, and execution of the US information Security Program and influence the strategy and direction of the Global Information Security Program
• Maintain existing, and oversee the development of, security controls and ensure compliance with targeted security and privacy frameworks
• Develop and monitor relevant metrics, like KPIs and SLAs, to evaluate performance of IT, security and service provider operations
• Record, monitor, report and organize the remediation of any security incidents
• Detect, analyze, record, report and monitor emerging security threats or reported vulnerabilities and ensure mitigating actions are taken
• Leverage feedback from internal stakeholders, third-party experts, and regulators to enhance the security organization
• Mentor your team, defining objectives, plans, and criteria for success
• Oversee training related to business continuity and disaster recovery, incident response, and general cybersecurity awareness
• Work with potential partners and vendors to ensure they meet our security standards
• Establish, approve, and maintain policies, standards, and procedures for the information security program and ensure effective communication and enforcement
• Function as a point of escalation, enabling your team to identify, address, and resolve challenges
• Oversee internal and external audits
• Coordinate with and support Tokyo infrastructure and security teams, as required

Skills & Experience

• Undergraduate degree in a related technical discipline
• 10+ years of experience within the financial services or technical sectors
• 10+ years of experience leading information security teams, and 5+ years related to overseeing managers
• 5+ years of experience working with financial regulators
• Excellent written and verbal communication skills, bringing together a global team
• Experience implementing, developing, and monitoring a strategic and holistic information security and IT risk management program
• Hands-on experience coordinating and overseeing incident response activities
• Demonstrated experience with security control frameworks (e.g. SOC 2, ISO, NIST, DFS 500, COSO, COBIT, etc.)
• Knowledge of common security and operations tooling including, but not limited to, endpoint detection and response, mobile device management, secure web gateways, vulnerability management, and learning management platforms
• Familiarity building and executing table-top exercises for technical and non-technical stakeholders
• Proven experience with executive level risk reporting and communications
• Extremely driven and hardworking
• Demonstrated ability to lead cross-functional teams
• A natural problem solver
• Adaptable and calm under pressure
• Metrics-driven

Nice to Have (Preferred Skills)

• Advanced security certifications, such as CISSP, CISM, CISA, OSCP, CASP, CCS, C/CISO
• Knowledge of Microsoft Azure preferred
• Knowledge of basic SQL queries would be a plus
• Fluency or familiarity with Japanese language is a huge plus

Why Join Us?

We offer a competitive total rewards package for our employees including:

• Comprehensive health | dental | vision benefits
• PTO Plan with additional sick leave
• Employee Wellness Stipend
• Flexible work schedule
• Training and career development opportunities
• Small, dynamic team with access to senior leadership
• Paid travel for on-site team events
• Financial support for continued education or certification