Chief Information Security Officer - Remote
Santa Clara, California, United States - Remote
PayNearMePayNearMe is a modern and reliable billing and payments platform that lets your customers pay how, when and where they want.
PayNearMe is the industry’s only platform that facilitates cash, debit, credit and ACH payments. With its great mobile experience, PayNearMe’s technology provides a simple way for businesses to collect payments through an intuitive, consistent experience for their customers. PayNearMe is the technology company that’s changing how payments are made.
We are a diverse and collaborative company that loves to delight its customers (merchants, consumers, etc.) with simple, useful and practical product/service offerings. PayNearMe is an innovative technology company headquartered in Silicon Valley with our employees distributed all across the US. Help us reimagine payments!
We’re in growth mode and looking to add a dynamic CISO reporting to SVP, Engineering.
As the CISO, you will be responsible for developing and implementing comprehensive information security strategies and ensuring the protection of our customers' data and assets. We are a DevOps shop so you will be expected to secure a CI/CD pipeline. This is a strategic leadership role that requires a deep understanding of cybersecurity best practices, risk management, and compliance in the FinTech industry.
Join us at PayNearMe, where you'll have the opportunity to make a significant impact on the security landscape of the FinTech industry and safeguard the trust of millions of customers. Apply now and be part of our mission to revolutionize payment processing with cutting-edge technology and uncompromising security standards.
What you’ll own and be responsible for:
- Develop and lead the overall information security strategy and vision for PayNearMe.
- Manage the audit team for PCI, ISO-27001, SOC1 and SOC2 certifications as well as the state audits for our Money Transmitter licenses.
- Champion security within the dev teams who are using a CI/CD pipeline.
- Establish and enforce information security policies, procedures, and guidelines to ensure the confidentiality, integrity, and availability of data and systems.
- Oversee the implementation of security measures to safeguard against cyber threats, vulnerabilities, and attacks.
- Conduct regular security assessments, penetration testing, and vulnerability assessments to identify potential weaknesses and address them promptly.
- Stay up-to-date with the latest cybersecurity threats, industry trends, and regulatory requirements to maintain a proactive security posture.
- Lead incident response and recovery efforts in case of security breaches or cyber incidents.
- Manage and mentor a team of cybersecurity professionals, promoting a culture of continuous learning and development.
- Liaise with third-party vendors and partners to ensure compliance with security standards and requirements.
- Interface with internal and external stakeholders, including clients and regulatory bodies, on security-related matters.
- Bachelor's degree in Computer Science, Information Technology, or a related field.
- Proven experience as a CISO with preference given to FinTech experience and/or a public company.
- Strong understanding of cybersecurity frameworks, standards, and best practices (e.g., NIST, ISO 27001, PCI DSS, GDPR).
- In-depth knowledge of threat landscape, cyber attack vectors, and incident response methodologies.
- Experience with cloud security and managing security in cloud-based environments.
- Excellent leadership, communication, and collaboration skills.
- Relevant certifications (e.g., CISSP, CISM, CRISC) will be advantageous.
Location: Flexible / Remote (within the US)
Travel: 2x / year in-person team meet-ups (2-3 days, company paid)
- Base salary per year (paid semi-monthly)
- Fast- paced and professional work culture
- Stock options with standard startup vesting - 1 year cliff; 4 years total
- $50 monthly communication expense stipend to go towards your phone/internet bill
- $250 stipend to enhance your WFH setup
- Reimbursement for peripheral equipment: monitor (up to $400), keyboard and mouse (up to $200)
- Premium medical benefits including vision and dental (100% coverage for employees)
- Company-sponsored life and disability insurance
- Paid parental bonding leave
- Paid sick leave, jury duty, bereavement
- 401k plan
- Flexible Time Off (our team members typically take off ~3-4 weeks per year)
- Volunteer Time Off
- 13 scheduled holidays
- 2x / year in-person team meet-ups (2-3 days, company paid)
Salary Range: $225,000 - $265,000
PayNearMe strives to create a workplace where all employees thrive. Our core values represent who we are today and we take pride in the way we work with each other as well as with our stakeholders.
We’re in this together to do the right thing. We deliver real results we are proud of while remaining respectful, transparent, and flexible.
PayNearMe is an equal opportunity employer. We are diligently and thoughtfully working towards cultivating a diverse workforce which in turn, enhances our products and services for the communities we serve. Applicants who represent all backgrounds are strongly encouraged to apply.
CALIFORNIA CONSUMER PRIVACY ACT: APPLICANT NOTICE
Effective Date: January 1, 2020
Last Reviewed on: December 23, 2019
PayNearMe, Inc. (the “Company”) is providing you with this Notice (“Notice”) to inform you about:
- the categories of Personal Information that the Company collects and maintains about applicants; and
- the purposes for which the Company uses that Personal Information.
For purposes of this Notice, “Personal Information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly with, a natural person that the Company may collect in connection with screening applicants for job openings at the Company.
- Identifiers and Professional or Employment-Related Information. The Company collects identifiers and professional or employment-related information, which may include some or all the following: real name, nickname or alias, postal address, telephone number, e-mail address, membership in professional organizations, professional certifications, language skills, and current and past employment history. The Company collects this Personal Information to evaluate previous job performance and consider applicants for positions, to develop a talent pool and plan for succession, to conduct applicant surveys, to maintain an internal applicant directory and for purposes of identification, to promote the Company as a place to work, and for workforce reporting and data analytics/trend analysis.
- Personal Information Categories from Cal. Civ. Code § 1798.80(e). The Company may collect categories of Personal Information listed in Cal. Civ. Code §1798.80(e), other than those already listed above, (a) to the extent necessary to comply with the Company’s legal obligations, such as to accommodate disabilities; (b) to conduct a direct threat analysis in accordance with the Americans with Disabilities Act and state law; (c) for occupational health and safety compliance and record-keeping; and (d) to respond to an applicant’s medical emergency.
- Characteristics of Protected Classifications Under California or Federal Law. The Company may collect information about race, age, national origin, disability, sex, and veteran status as necessary to comply with legal obligations, including the reporting requirements of the federal Equal Employment Opportunity Act, the federal Office of Contracting Compliance Programs (applicable to government contractors), and California’s Fair Employment and Housing Act. The Company collects this Personal Information for purposes including: to comply with Federal and California law related to accommodation. The Company also collects this category of Personal Information on a purely voluntary basis, except where required by law, and uses the information only in compliance with applicable laws and regulations.
- Education Information. The Company collects education information such as resumes and graduation records. The Company collects this Personal Information to determine suitability for roles, to determine eligibility for training courses, and to assist with professional licensing.
- Profile Data. The Company may collect profile data, including the following: psychological assessments, behavior analyses, or other profiling of its applicants. The Company collects this Personal Information to determine aptitude for certain positions and job assignments as well.
- Background Screening Information. In the event that an applicant is given a formal job offer, the Company collects background screening information prior to hiring, including results of the following types of background screening: criminal history; sex offender registration; motor vehicle records; credit history; employment history; drug testing; and educational history. The Company collects this Personal Information to screen for risks to the Company and its clients, and continued suitability for their jobs and to evaluate applicants for promotions.
Assistance for Disabled Applicants
Alternative formats of this Notice are available to individuals with a disability. Please let us know if you need assistance.
Tags: Analytics Audits C CI/CD CISM CISSP Cloud Compliance Computer Science CRISC DevOps FinTech GDPR Incident response ISO 27001 NIST PCI DSS Pentesting Privacy Risk management Security assessment Security strategy SOC 1 SOC 2 Strategy Vulnerabilities
More jobs like this
., ., United States ., ., United States Full TimeExecutive Executive-levelUSD 48K - 90K * USD 48K+ *
Insider Threat Director - 100% US REMOTE ONLYAnalytics Compliance Governance Incident response Monitoring Risk assessment +3
401(k) matching Career development Competitive pay Equity Flex hours +5
Home based - Americas, … Home based - Americas, EMEA Full TimeExecutive Executive-levelUSD 29K - 55K * USD 29K+ *
Security Operations Team ManagerAgile Cloud Computer Science Governance Incident response ISO 27001 +11
Career development Parental leave Salary bonus Team events Travel
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open SOC Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Chief Information Security Officer jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open Staff Security Engineer jobs
- Open Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Security Operations Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Security Architect jobs
- Open o365 Security Architect jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Senior Security Analyst jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior SOC Analyst jobs
- Open Cyber Security Architect jobs
- Open GCP-related jobs
- Open SOC-related jobs
- Open Risk assessment-related jobs
- Open Governance-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open CISA-related jobs
- Open Security Clearance-related jobs
- Open Vulnerability management-related jobs
- Open Kubernetes-related jobs
- Open DevOps-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Forensics-related jobs
- Open SQL-related jobs
- Open CI/CD-related jobs
- Open Splunk-related jobs