Chief Information Security Officer - Remote

Santa Clara, California, United States - Remote

Applications have closed

PayNearMe

PayNearMe is a modern and reliable billing and payments platform that lets your customers pay how, when and where they want.


PayNearMe is the industry’s only platform that facilitates cash, debit, credit and ACH payments. With its great mobile experience, PayNearMe’s technology provides a simple way for businesses to collect payments through an intuitive, consistent experience for their customers. PayNearMe is the technology company that’s changing how payments are made.

We are a diverse and collaborative company that loves to delight its customers (merchants, consumers, etc.) with simple, useful and practical product/service offerings. PayNearMe is an innovative technology company headquartered in Silicon Valley with our employees distributed all across the US. Help us reimagine payments!

We’re in growth mode and looking to add a dynamic CISO reporting to the SVP, Engineering.

As the CISO, you will be responsible for developing and implementing comprehensive information security strategies and ensuring the protection of our customers' data and assets. We are a DevOps shop, so you will be expected to secure a CI/CD pipeline. This is a strategic leadership role that requires a deep understanding of cybersecurity best practices, risk management, and compliance in the FinTech industry.

Join us at PayNearMe, where you'll have the opportunity to make a significant impact on the security landscape of the FinTech industry and safeguard the trust of millions of customers. Apply now and be part of our mission to revolutionize payment processing with cutting-edge technology and uncompromising security standards.


What you’ll own and be responsible for:

  • Develop and lead the overall information security strategy and vision for PayNearMe.
  • Manage the audit team for PCI, ISO-27001, SOC1 and SOC2 certifications as well as the state audits for our Money Transmitter licenses.
  • Champion security within the dev teams who are using a CI/CD pipeline.
  • Establish and enforce information security policies, procedures, and guidelines to ensure the confidentiality, integrity, and availability of data and systems.
  • Oversee the implementation of security measures to safeguard against cyber threats, vulnerabilities, and attacks.
  • Conduct regular security assessments, penetration testing, and vulnerability assessments to identify potential weaknesses and address them promptly.
  • Stay up-to-date with the latest cybersecurity threats, industry trends, and regulatory requirements to maintain a proactive security posture.
  • Lead incident response and recovery efforts in case of security breaches or cyber incidents.
  • Manage and mentor a team of cybersecurity professionals, promoting a culture of continuous learning and development.
  • Liaise with third-party vendors and partners to ensure compliance with security standards and requirements.
  • Interface with internal and external stakeholders, including clients and regulatory bodies, on security-related matters.

Requirements

  • Bachelor's degree in Computer Science, Information Technology, or a related field.
  • Proven experience as a CISO, with preference given to FinTech and/or public-company experience.
  • Strong understanding of cybersecurity frameworks, standards, and best practices (e.g., NIST, ISO 27001, PCI DSS, GDPR).
  • In-depth knowledge of the threat landscape, cyber attack vectors, and incident response methodologies.
  • Experience with cloud security and managing security in cloud-based environments.
  • Excellent leadership, communication, and collaboration skills.
  • Relevant certifications (e.g., CISSP, CISM, CRISC) will be advantageous.

Location: Flexible / Remote (within the US)

Travel: 2x / year in-person team meet-ups (2-3 days, company paid)

Benefits

  • Base salary per year (paid semi-monthly)
  • Fast-paced and professional work culture
  • Stock options with standard startup vesting - 1 year cliff; 4 years total
  • $50 monthly communication expense stipend to go towards your phone/internet bill
  • $250 stipend to enhance your WFH setup
  • Reimbursement for peripheral equipment: monitor (up to $400), keyboard and mouse (up to $200)
  • Premium medical benefits including vision and dental (100% coverage for employees)
  • Company-sponsored life and disability insurance
  • Paid parental bonding leave
  • Paid sick leave, jury duty, bereavement
  • 401k plan
  • Flexible Time Off (our team members typically take off ~3-4 weeks per year)
  • Volunteer Time Off
  • 13 scheduled holidays
  • 2x / year in-person team meet-ups (2-3 days, company paid)

Salary Range: $225,000 - $265,000

PayNearMe strives to create a workplace where all employees thrive. Our core values represent who we are today and we take pride in the way we work with each other as well as with our stakeholders.

We’re in this together to do the right thing. We deliver real results we are proud of while remaining respectful, transparent, and flexible.

PayNearMe is an equal opportunity employer. We are diligently and thoughtfully working towards cultivating a diverse workforce, which in turn enhances our products and services for the communities we serve. Applicants who represent all backgrounds are strongly encouraged to apply.



CALIFORNIA CONSUMER PRIVACY ACT: APPLICANT NOTICE

Effective Date: January 1, 2020

Last Reviewed on: December 23, 2019

PayNearMe, Inc. (the “Company”) is providing you with this Notice (“Notice”) to inform you about:

  1. the categories of Personal Information that the Company collects and maintains about applicants; and
  2. the purposes for which the Company uses that Personal Information.

For purposes of this Notice, “Personal Information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly with, a natural person that the Company may collect in connection with screening applicants for job openings at the Company.

  1. Identifiers and Professional or Employment-Related Information. The Company collects identifiers and professional or employment-related information, which may include some or all the following: real name, nickname or alias, postal address, telephone number, e-mail address, membership in professional organizations, professional certifications, language skills, and current and past employment history. The Company collects this Personal Information to evaluate previous job performance and consider applicants for positions, to develop a talent pool and plan for succession, to conduct applicant surveys, to maintain an internal applicant directory and for purposes of identification, to promote the Company as a place to work, and for workforce reporting and data analytics/trend analysis.
  2. Personal Information Categories from Cal. Civ. Code § 1798.80(e). The Company may collect categories of Personal Information listed in Cal. Civ. Code §1798.80(e), other than those already listed above, (a) to the extent necessary to comply with the Company’s legal obligations, such as to accommodate disabilities; (b) to conduct a direct threat analysis in accordance with the Americans with Disabilities Act and state law; (c) for occupational health and safety compliance and record-keeping; and (d) to respond to an applicant’s medical emergency.
  3. Characteristics of Protected Classifications Under California or Federal Law. The Company may collect information about race, age, national origin, disability, sex, and veteran status as necessary to comply with legal obligations, including the reporting requirements of the federal Equal Employment Opportunity Act, the federal Office of Contracting Compliance Programs (applicable to government contractors), and California’s Fair Employment and Housing Act. The Company collects this Personal Information for purposes including: to comply with Federal and California law related to accommodation. The Company also collects this category of Personal Information on a purely voluntary basis, except where required by law, and uses the information only in compliance with applicable laws and regulations.
  4. Education Information. The Company collects education information such as resumes and graduation records. The Company collects this Personal Information to determine suitability for roles, to determine eligibility for training courses, and to assist with professional licensing.
  5. Profile Data. The Company may collect profile data, including the following: psychological assessments, behavior analyses, or other profiling of its applicants. The Company collects this Personal Information to determine aptitude for certain positions and job assignments as well.
  6. Background Screening Information. In the event that an applicant is given a formal job offer, the Company collects background screening information prior to hiring, including results of the following types of background screening: criminal history; sex offender registration; motor vehicle records; credit history; employment history; drug testing; and educational history. The Company collects this Personal Information to screen for risks to the Company and its clients, and continued suitability for their jobs and to evaluate applicants for promotions.

Assistance for Disabled Applicants

Alternative formats of this Notice are available to individuals with a disability. Please let us know if you need assistance.



Tags: Analytics Audits C CI/CD CISM CISSP Cloud Compliance Computer Science CRISC DevOps FinTech GDPR Incident response ISO 27001 NIST PCI DSS Pentesting Privacy Risk management Security assessment Security strategy SOC 1 SOC 2 Strategy Vulnerabilities

Perks/benefits: 401(k) matching Career development Equity Flex hours Flex vacation Gear Health care Home office stipend Insurance Medical leave Parental leave Startup environment

Regions: Remote/Anywhere North America
Country: United States
Category: Leadership Jobs
