Chief Information Security Officer

Glocomms is partnered with a premier financial services organization actively building out their capabilities in next-generation digital products to appoint a transformative Chief Information Security Officer (CISO).

As the senior-most security executive, the CISO will serve as a critical member of the executive leadership team, shaping enterprise risk posture and influencing digital strategy from the ground up. The firm's expansion into blockchain-based services and digital asset products presents an exceptional opportunity for a security leader to build a future-proof security function.

Key areas of responsibility:

Enterprise Security Strategy & Execution

• Define, implement, and continuously refine the organization's enterprise security vision, roadmap, and operating model in alignment with business objectives and technology strategy.

• Lead a comprehensive, multi-layered information security program that covers infrastructure, applications, data, and emerging product lines including digital assets and blockchain.

• Drive strategic security planning, ensuring the program scales with the organization's evolving regulatory obligations and risk profile.

Technical Security Architecture & Operations 

• Oversee the design, implementation, and management of security controls across core domains including:

  • Firewall architecture, VPNs, LAN/WAN security, IDS/IPS, network flow monitoring, and wireless defense

  • Authentication and authorization systems, encryption, and cryptographic key management

  • Blockchain security controls: nodes, smart contracts, APIs (experience in this area is a plus, not a requirement)

  • Physical security, RFID, access control, and video surveillance systems

• Direct the security lifecycle of technology systems from architecture through operations, collaborating with engineering and infrastructure teams.

Risk Management & Regulatory Compliance

• Own the firm's cyber risk management framework, including risk assessments, internal controls, governance, and third-party risk oversight.

• Ensure enterprise-wide compliance with applicable regulations, including BSA/AML, GLBA, SOX, GDPR, and state/federal privacy laws.

• Oversee internal and external audits, security testing, and regulatory engagements.

• Lead and mature the incident response, forensics, and crisis management capabilities, including evidence preservation and post-incident reviews.

Executive Leadership & Stakeholder Engagement

• Lead and develop a high-performing Security and Network Engineering team, providing mentorship, career development, and performance oversight.

• Serve as the security voice at the executive table, engaging regularly with the Board, CEO, CTO, legal, compliance, and business unit leaders.

• Champion cross-functional collaboration, ensuring security is integrated into product development, infrastructure, legal, and operations.

Vendor Management & External Engagement

• Oversee the evaluation, selection, and management of security vendors, MSSPs, and emerging technologies.

• Drive technical contract negotiation, budget planning, and strategic partnerships.

• Act as a primary liaison to law enforcement, regulatory bodies, and external auditors during investigations or reviews.

Culture, Innovation & Awareness 

• Lead enterprise security awareness and training programs, cultivating a strong security culture at all levels.

• Foster a mindset of security innovation, staying ahead of emerging technologies and threat trends-especially those relevant to financial services and blockchain.

• Represent the firm in external forums, working groups, and industry consortiums to influence best practices and stay informed.

Candidate requirements: 

• Bachelor's degree required; Master's degree preferred in a technical or relevant discipline.

• 15+ years of progressive IT and information security leadership, ideally within financial services, banking, or fintech environments.

• Strong command of modern security architecture, technologies, frameworks (e.g., NIST, ISO 27001), and controls across infrastructure, network, and cloud.

• Demonstrated experience leading large-scale security programs, regulatory compliance initiatives, and security operations functions.

• Adept at managing technical teams and external partners, with a track record of effective communication with C-level executives and Boards.

• Previous exposure to blockchain, cryptocurrency, or digital asset security is a plus-but not required.

Certifications (preferred but not required)

• CISSP, CISM, CISA, CRISC, CCSP, or other recognized security credentials.

The right candidate will be a seasoned security executive who can lead with both technical depth and strategic foresight. This role offers the opportunity to shape the future of financial cybersecurity in a dynamic and evolving landscape. Interested candidates should be a commutable distance (or willing to relocate) and able to come onsite up to 5x/week.