Chief Information Security Officer (CISO)

About Swirlds Labs:

Swirlds Labs was established with the mission to accelerate the future, built on Hedera – the most used, greenest, enterprise-grade public ledger for the decentralized economy. Our vision is to enable ‘Shared Worlds’, where anyone can gather, collaborate, conduct commerce, and control their own online footprint. We will enable this vision by continuing to provide development and other support for the Hedera network, building community and enterprise solutions that enable fast, rapidly scalable adoption of Hedera network services, and cultivating ‘moonshot’ projects that will change the way humans and organizations interact in cyberspace.

About the role:

As Swirlds Labs Chief Information Security Officer (CISO), you will drive Hedera’s overall security strategy and be responsible for Hedera’s cybersecurity posture. The CISO plays a key leadership role in Hedera’s ongoing business and technical operations in collaboration with Hedera’s members, aligning controls with risks. This role will cover both Hedera’s internal corporate security needs as well as those of Hedera’s public-facing networks. You will also engage with relevant organizations to further the security practices of our customers and the distributed ledger ecosystem as a whole. The CISO reports to and directly supports the Chief Information Officer (CIO), including acting on behalf of the CIO as needed.

We’re looking for someone with a strong and diverse cybersecurity background who can cover a wide spectrum of tasks and responsibilities from developing and governing foundational policies to taking a “hands-on” and helping design and implement appropriate technical controls.

You may find yourself doing all of the following:

• Driving the overall security strategy for Hedera to further mature security
• Developing, implementing and maintaining Cybersecurity policies and procedures
• Designing and monitoring risk-informed controls, accounting for the distributed nature of Hedera’s operations
• Reporting on Hedera’s security status and posture to staff, Hedera’s Council and Board and other stakeholders
• Researching and keeping abreast of evolving threats and vulnerabilities and, in collaboration with engineering and technical operations partners, implementing effective solutions against such threats
• Implementing secure development practices to support open-source development activities
• Undertake periodic security reviews and audits; develop and execute plans to address findings

Qualification Requirements:

• Good communication skills with ability to bridge between technical experts and business leaders
• Can analyze complex information and develop insights to support Hedera’s cybersecurity needs
• Experience with secure software development tools and practices
• Familiarity open stack platforms and tools
• Understanding of information risk standards and practices including ISO2700x and SOC2

Other skills that are great to bring with you but that we can help you develop:

• Interest in and knowledge about web3/blockchain/crypto/metaverse
• A growth mindset and an overall positive attitude
• Familiarity with open-source programs
• One of the following: IT Operations / DevOps or software development experience

Education and Experience: Bachelor’s degree with 10+ years of relevant information/cybersecurity experience. CISSP, CISA or similar certification