Chief Information Security Officer (CISO)
We are seeking an experienced Chief Information Security Officer (CISO) to define and execute our global security strategy. This role is pivotal in protecting our infrastructure, products, and clients against evolving threats while ensuring compliance with industry-leading security frameworks.
As a senior leader, you will oversee a team of cybersecurity engineers, work closely with engineering and product, and ensure security is embedded across all aspects of product development and operations.
Responsibilities
Strategy & Leadership
- Define and drive the company-wide cybersecurity strategy aligned with business, regulatory, and client needs.
- Build, lead, and mentor a high-performing team of cybersecurity and ICS engineers.
- Serve as executive-level liaison to regulators, auditors, clients, and (future) board committees.
- Partner with Risk, Legal, and Compliance teams to ensure readiness for public company standards (e.g., SOX, SEC disclosure requirements, risk management frameworks).
Security Architecture & Engineering
Lead hands-on technical work : penetration testing, exploit research, vulnerability assessments, and secure architecture reviews.Design and enforce security patterns for blockchain infrastructure, validator nodes, smart contracts, and cryptographic systems.Oversee architecture reviews, threat modeling, and code reviews for critical systems (web, API, mobile, blockchain).Build and maintain security architecture diagrams, process flows, and technical risk assessments.Operations & Compliance
Establish and oversee security operations, monitoring, and incident response capabilities.Drive compliance with SOC 2, ISO 27001, GDPR, PCI DSS, and other regulatory / security frameworks.Prepare the company for future licensing and regulatory regimes (e.g., MiCA, U.S. state / federal regimes, MAS, FCA).Collaboration & Enablement
Partner with product and engineering teams to embed security into the SDLC.Work with vendors and partners to validate and ensure secure integration.Promote a strong security culture through training, awareness, and leadership.
Requirements
Experience
8+ years of proven experience in cybersecurity, software engineering, or computer science with a focus on security.5+ years developing security programs or defining secure architectures.3+ years directly managing cybersecurity engineers.Demonstrated experience preparing organizations for public company requirements (SOX ITGC, enterprise risk, audit readiness).Prior exposure to regulatory environments (FCA, SEC, ESMA, MAS, etc.) and licensing processes for fintech / crypto firms.Skills & Knowledge
Deep technical expertise in penetration testing, threat modeling, and secure systems architecture.Strong knowledge of cloud-native security (AWS, GCP, Oracle cloud PaaS / IaaS / serverless).Strong knowledge of k8s securityFamiliarity with blockchain, crypto custody, validator infrastructure, and smart contract attack vectors.Proficiency in multiple programming languages (Python, Go, C / C++, JavaScript).Strong knowledge of common attacks and vulnerabilities (OWASP Top 10, SANS CWE 25).Expertise in security operations, SIEM, SOC design, incident response, and forensic analysis.Familiarity with CI / CD pipelines, DevSecOps practices, and agile methodologies.Certifications (preferred)
CISSP, CISM, OSCP, OSWE, OSCE, CEH, Security+, GSEC.Cloud security certifications (AWS / GCP).Audit / regulatory certifications (CISA, CRISC) a plus.
P2P.org is committed to providing equal opportunities. All applicants will be considered without regard to race, color, national origin, religion, sex, sexual orientation, gender identity, veteran status, or disability.
