Responsibilities
- Develop and implement a long-term, organization-wide cybersecurity roadmap that supports strategic business objectives and scalability.
- Act as the principal security advisor to senior executives, board members, regulatory bodies, and external stakeholders.
- Convert technical cyber risks into clear business implications and establish a data-informed security function focused on automation, risk mitigation, and business enablement.
- Recognize when formal corporate governance structures become central to organizational operations.
- Maintain awareness and supervision of compliance with SEC regulations and Sarbanes-Oxley Act IT controls.
- Lead security governance in alignment with key financial technology regulations such as PCI DSS 4.0, SOC 1/SOC 2, GLBA, FFIEC guidelines, and state-level privacy laws.
- Create and deliver executive-level risk reporting and disclosures, collaborating with Legal, Finance, and Audit teams on cyber risk oversight.
- Manage enterprise-wide risk assessment, vendor security due diligence, and ongoing compliance readiness under standards like NIST and ISO 27001.
- Supervise the Security Operations Center, incident response planning, threat detection systems, digital forensics, and vulnerability management programs.
- Lead cloud security strategy and posture management across major public cloud platforms including AWS, Azure, and GCP.
- Collaborate with engineering and product teams to integrate secure-by-design and DevSecOps practices throughout the software development lifecycle.
- Lead enterprise-wide identity and access management, Zero Trust architecture, and data protection initiatives to secure sensitive customer financial information.
- Serve as a trusted authority assuring customers that their data is protected and handled responsibly.
- Act as executive sponsor for the secure and business-aligned integration of artificial intelligence and machine learning technologies.
- Define enterprise-wide policies, controls, and safeguards to evaluate and manage AI-related risks such as data exfiltration, prompt injection, IP exposure, and algorithmic bias.
- Work with engineering to enable secure innovation in AI that improves fraud detection, operational efficiency, and customer experience.
- Advance security modernization through AI-powered operations, automated workflows, and predictive threat intelligence.
- Provide strategic direction on AI adoption with an embedded security perspective.
- Recruit, develop, and retain high-performing cybersecurity talent, promoting accountability and continuous learning.
- Shift organizational focus from compliance-driven responses to proactive risk management that supports innovation and speed.
- Promote a security-first mindset across technical and business units, balancing strong security controls with business agility.
- Serve as the senior security representative during customer audits, strategic alliance discussions, and regulatory engagements.
Compensation
Competitive salary and executive compensation package
Work Arrangement
Full-time, on-site or hybrid depending on role requirements
Team
Leads enterprise cybersecurity function with cross-functional influence across engineering, product, legal, and audit
Responsibilities
- Define and execute a multi-year, enterprise-wide cybersecurity strategy aligned with business objectives and future growth.
- Serve as a trusted primary security advisor to executive leadership, the Board of Directors, regulators, and external partners.
- Translate cyber risk into business impact and build a modern, metrics-driven, risk-based security organization focused on enablement, automation, and measurable risk reduction.
- Know when a regulated corporate governance function becomes the mainstay of the organization.
- Knowledge and oversight of SEC expectations and Sarbanes-Oxley Act (SOX) ITGC processes.
- Direct enterprise security governance aligned to critical fintech regulatory obligations, including PCI DSS 4.0, SOC 1/SOC 2, GLBA, FFIEC guidance, and state privacy regulations.
- Develop and maintain board-level reporting and risk disclosures, while partnering with Legal, Finance, and Audit on cyber risk governance.
- Oversee enterprise risk management, third-party vendor security, and continuous audit readiness across frameworks such as NIST and ISO 27001.
- Oversee the Security Operations Center (SOC), incident response, threat detection, digital forensics, and vulnerability management.
- Drive robust cloud security posture and strategy across AWS, Azure, and/or GCP environments.
- Partner with Engineering and Product to embed secure-by-design and DevSecOps principles across the software development lifecycle (SDLC).
- Lead enterprise identity and access management (IAM) strategy, Zero Trust architecture, and data protection programs to safeguard customer financial data.
- Be the Trust Center customers need to know their data is secure.
- Serve as the executive sponsor for the secure, responsible, and business-aligned adoption of AI and machine learning technologies.
- Establish enterprise policies, controls, and guardrails to assess and manage AI risks, including data leakage, prompt injection, intellectual property protection, and model bias.
- Partner with engineering to enable secure AI innovation that enhances operational efficiency, fraud detection, and customer experience.
- Drive modernization leveraging AI-driven security operations, automation, and predictive threat detection.
- Guide the organization on its journey of AI advancements with a security mindset.
- Build, mentor, and retain high-performing cybersecurity teams, fostering a culture of accountability and continuous improvement.
- Drive a shift from reactive compliance mindset to a proactive risk-management framework that enables business velocity and product innovation.
- Champion a security-first culture across engineering and business teams, balancing security rigor with business velocity.
- Act as the executive security lead during customer due diligence, strategic partnerships, and regulator interactions.
May be available based on business needs and eligibility