​Chief Information Security Officer (REMOTE)

Chief Information Security OfficerLocation : This is a fully remote role with occasional travel.Who We AreLooking to join a dynamic, international team with a passion for virtual currency and gain opportunities for career growth?bitFlyer just celebrated its 11th anniversary in January 2025 and is one of the first cryptocurrency exchanges licensed  to operate across US, EU and Japan.  We operate a virtual currency exchange, which provides our customers with a convenient, secure platform to buy and sell virtual currencies. With some of the lowest fees amongst regulated US exchanges, bitFlyer offers tools and services for our customers to start investing with ease.  Our vision is to build a truly global Bitcoin and blockchain company to reflect the international nature of the virtual currency. Established in January 2014 in Tokyo, bitFlyer expanded into the European Union and launched bitFlyer USA in San Francisco in November 2017. We continue to pursue our mission of making the world simpler with blockchain. Today, we empower millions of people across the globe to access cryptocurrencies and are seeking talented individuals to join our team and be part of our growth story.                                                                                                                           Who You AreAs the CISO, you will be in charge of the bitFlyer US Information Security and IT Infrastructure Division. You will oversee and manage the US Information Security & Privacy program, ensuring compliance with regulatory requirements.You will be an instrumental part of our growth story, working for a leading player of a fast-growth and revolutionary industry. You have a familiarity and / or genuine interest in virtual currency, cryptography and blockchain technology. We offer a hybrid work environment and are looking for a candidate based in the New York Metro area.We have a New York DFS issued BitLicense and also hold state specific licenses as needed such as the Money Transmitter License. It will be your responsibility to support the information security related compliance requirements to maintain these licenses. You will help lead, develop, and maintain our information security program to ensure policy, infrastructure, safeguards, processes, and procedures align with company and regulatory needs. You will work in collaboration with key stakeholders from Japan and the EU, ensuring we implement best practices for information security governance, compliance, and risk management while driving other strategic security projects.What You’ll DoReport to executive leadership on the information security program, including annual program review, budgetary requirements, and on-going updates on recurring activities Be responsible for the success, leadership, and execution of the US information Security & Privacy Program and influence the strategy and direction of the Global Information Security ProgramMaintain existing, and oversee the development of, security controls and ensure compliance with targeted security and privacy frameworksDevelop and monitor relevant metrics, like KPIs and SLAs, to evaluate performance of IT, security and service provider operationsRecord, monitor, report and organize the remediation of any security incidentsDetect, analyze, record, report and monitor emerging security threats or reported vulnerabilities and ensure mitigating actions are takenLeverage feedback from internal stakeholders, third-party experts, and regulators to enhance the security organizationMentor your team, defining objectives, plans, and criteria for successOversee training related to business continuity and disaster recovery, incident response, and general cybersecurity awarenessWork with potential partners and vendors to ensure they meet our security standardsEstablish, approve, and maintain policies, standards, and procedures for the information security program and ensure effective communication and enforcementFunction as a point of escalation, enabling your team to identify, address, and resolve challengesManage and escalate access reviews and IT infrastructure related changes with the parent organization (Japan)Support the IT / Onboarding and operational IT / Vulnerability & Patch Management activities for US endpoints.Oversee internal and external auditsCoordinate with and support Tokyo infrastructure and security teams, as requiredYou will be subject to background screening and disclosure requirements to meet regulatory expectations.Skills & ExperienceUndergraduate degree in a related technical discipline8-12 years of experience within the financial services or technical sectors8-12 years of experience leading information security teams, and 5 years related to overseeing managers5 years of experience working with financial regulatorsExcellent written and verbal communication skills, bringing together a global teamExperience implementing, developing, and monitoring a strategic and holistic information security and IT risk management programHands-on experience coordinating and overseeing incident response activitiesDemonstrated experience with security control frameworks (e.g. SOC 2, ISO, NIST, DFS 500, COSO, COBIT, etc.)Familiarity and comfort with MacOS and tools such as Tenable /   Nessus, JAMF is a plusKnowledge of common security and operations tooling including, but not limited to, endpoint detection and response, mobile device management, secure web gateways, vulnerability management, and learning management platformsFamiliarity building and executing table-top exercises for technical and non-technical stakeholdersProven experience with executive level risk reporting and communicationsExtremely driven and hardworkingDemonstrated ability to lead cross-functional teamsA natural problem solverAdaptable and calm under pressureMetrics-drivenNice to Have (Preferred Skills)Advanced security certifications, such as CISSP, CBCP, ,CFE, CISM, CISA, OSCP, CASP, CCS, C / CISOKnowledge of Microsoft Azure preferredKnowledge of basic SQL queries Fluency or familiarity with Japanese language Why Join Us?We offer a competitive total rewards package for our employees including : Comprehensive health | dental | vision benefits401k planPTO Plan with additional sick leaveHybrid WorkTraining and career development opportunitiesSmall, dynamic team with access to senior leadershipPaid travel for on-site eventsFinancial support for continued education or certification