Information Security Officer

Apto Payments is transforming the card issuance industry. We help companies issue new kinds of cards with a better cardholder experience by removing constraints and enabling new use cases. Founded in 2014 as Shift Payments, the company worked with Coinbase to launch the first Bitcoin debit card. Today, as Apto, our mission is ambitious, creating new ways to connect people to their assets - crypto and non-crypto - by helping companies successfully launch innovative, user-centric card programs.

Apto is a well funded early stage startup, headquartered in San Francisco. We are focused on growing our business in a responsible way, building best-in-class products while managing regulatory and financial risk. We're motivated to empower developers and customers to design and build the next generation of can’t-live-without card products. Our headquarters are in San Francisco, but we have fully embraced and are constantly improving our remote-focused culture.

We are looking for an extraordinary Information Security Officer to help build the future of payments. The information security officer serves as the process owner of all assurance activities related to the availability, integrity and confidentiality of customer and business information in compliance with APTO’s information security policies. We are looking for an experienced information security officer to design and enforce policies and procedures that protect our organization's computing infrastructure from all forms of security breaches. You will be responsible for identifying vulnerabilities, developing and implementing security measures, and reporting on compliance of our systems and applications.

Your key responsibilities will include:

• Developing, implementing and monitoring a strategic, comprehensive enterprise information security and IT risk management program
• Monitoring system and network usage to ensure compliance with security policies.
• Providing input into the overall business technology planning to ensure that proper security measures are being taken
• Keeping up to date with developments in IT security standards and threats.
• Performing vulnerability and risk assessments
• Collaborating with management, engineering, and IT  departments to improve security.
• Responding to security breaches
• Documenting any security breaches and assessing their damage.
• Ensuring employee compliance with security measures
• Educating colleagues about security software and best practices for information security.

To be successful as an information security officer, you should have expert analytical skills and in-depth knowledge of best practices to prevent a wide range of security threats. Top candidates will also be excellent communicators and be able to train and educate our staff on various information security topics.

• Professional information security certification ( CISSO, CISSP, or CISM preferred )
• Experience in IT or cybersecurity ( Director+ )
• Solid knowledge of various information security frameworks.
• Excellent problem-solving and analytical skills.
• Ability to educate a non-technical audience about various security measures.
• Effective verbal and written communication skills.

• Competitive salary and equity
• 401k and unlimited PTO
• Fully-paid healthcare for you and dependents
• Stipend for ongoing professional development
• Work with a diverse team of impact-driven individuals
• Opportunity to build solutions for millions of people around the world
• Hybrid work environment - Ability to work from a local office (if we have one) or remote depending on location. Take an in-person meeting when it's more efficient, and skip the commute when it's not needed.

*Note that, pursuant to the Company's COVID-19 mitigation protocols, individuals must be fully vaccinated upon commencing employment, subject to legally required exemptions.

Prospective Talent and Job Applicant Privacy Notice *

When you apply to a job on this site, any personal data you provide, or which is collected as part of this process, will be processed by Apto Payments in order to manage its recruitment and hiring related activities. Under European data protection laws, your rights may include the right to access, port, erase, restrict, rectify or object to the processing of your personal data or where we rely on consent, the right to withdraw that consent. 

California Privacy Rights Notice for Job Applicants

Under the California Consumer Privacy Act (“CCPA”), Apto Payments is required to inform California residents who are our job applicants or prospective talent (together “job applicants”) about the categories of personal information we collect about you and the purposes for which we will use this information. This applies only to personal information that is subject to the CCPA such as:

• Personal and online identifiers (such as first and last name, email address, or unique online identifiers)
• Categories of information described in Section 1798.80(e) of the California Civil Code (such as physical characteristics or description, social security number, driver’s license or state identification number, address, insurance policy number, and bank account number)
• Characteristics of protected classifications under California or federal law (such as race or gender)
• Professional or employment-related information
• Education information
• Other information about you that is linked to the personal information above