BitPay is hiring a Chief Information Security Officer to lead our security and technology initiatives. You will ensure the integrity, confidentiality, and availability of company information and systems while overseeing IT operations and managing the IT team. You'll establish best practices in information technology and asset management while providing security and technology compliance advisory to other business units.

What You'll Do

Work closely with CTO, CCO, Legal Counsel, and other executives to develop and enhance the overall information security program.
Own tactical execution of the strategic direction and vision of the information security program.
Analyze business priorities and risk exposure to ensure protection of critical systems and data assets.
Develop and maintain security metrics and goals.
Draft information security program policies and procedures to ensure compliance with best practices and regulatory requirements.
Manage expectations of leadership, customers, third-party partners, and employees.
Direct and oversee information governance activities, including SOC 2 audits, NYDFS Part 500, EU/DORA, cybersecurity risk assessments, Penetration Tests, and program enhancements.
Lead information security-related committees and working groups.
Manage incident response program, including business continuity/disaster recovery and security incident preparedness.
Manage Endpoint Security.
Manage third-party risk assessments and other risk-related audit deliverables.
Represent the company in discussions with auditors and regulators.
Manage security vendor/supplier relationships.
Manage a team of information technology and security professionals, hire and train new employees, conduct performance reviews, and provide leadership and coaching.
Manage expenses and budgets for the information security department; build and present business cases for security initiatives and investments.
Lead training and awareness efforts across the organization and build a culture of compliance around information security and data privacy.
Continuously monitor trends to anticipate and plan for information security risks.
Provide positive and collaborative leadership to all departments (e.g., sales, engineering, product management, legal, compliance, finance, customer success).