Chief Information Security Officer (CISO)

The Company

Swan is the USA’s #1 Bitcoin wealth platform for families and businesses. We hire passionate Bitcoiners who want to work with a self-motivated and fully distributed startup team.

The Role

Swan is seeking a hands-on, technically-minded CISO to lead our security team and help scale a robust, risk-informed security program across a rapidly growing fintech platform. You’ll be responsible for protecting our clients, partners, and infrastructure, while supporting a culture of trust, transparency, and operational excellence.

This role reports directly to executive leadership and involves close collaboration across engineering, product, operations, and compliance.

Core Responsibilities

• Security Leadership and Strategy: Define and execute the company’s cybersecurity strategy in alignment with business goals and regulatory expectations. Maintain an actionable roadmap that evolves with Swan’s growth and risk profile.
• Security Team Leadership: Lead the Security group responsible for Enterprise IT Security, AppSec, TDR, GRC, and other security functions. Lead the broader Security Guild process which also includes platform and product security teams. Build a high-performance culture focused on proactive risk management and technical depth. Help organize projects and set priorities.
• Governance, Risk, and Compliance: Oversee risk management processes, policies, and controls aligned with frameworks such as SOC 2, SOX, and ISO 27001. Partner with executive team to create a culture of risk ownership and SOPs across the organization.
• Security Architecture: Drive secure-by-design principles across infrastructure, applications, and custodial integrations. Review and influence technical designs to ensure security is embedded at every layer. Oversee IAM/PAM efforts.
• Threat Detection and Response: Own the incident response program from detection through post-mortem. Ensure continuous improvement through tabletop exercises, simulations, and cross-team coordination. Help select and engage MDR vendors if appropriate to expand coverage.
• Vulnerability and Patch Management: Oversee continuous scanning of enterprise systems, manage and prioritize remediations based on risks.
• Data Security and Privacy: Advise on data projects across the company to ensure data pipelines are built with Security and Privacy in mind.
• Vendor and Custodian Risk Management: Develop and enforce third-party risk management policies for vendors, custodians, and infrastructure providers. Lead due diligence and security review processes.
• Training and Awareness: Build and sustain a security-aware culture. Design practical training programs for developers, operators, and executives tailored to real risks in fintech and digital asset environments.
• Executive and Board Reporting: Translate technical risk into business impact for leadership and the board. Provide ongoing insight into emerging threats, regulatory developments, and control effectiveness.

Skills and experience that will help you succeed

• Professional Experience: A minimum of 10 years in a leadership role related to information security and IT, with a demonstrated track record of managing and guiding teams to success.
• Financial & Regulatory Experience: Prior experience in financial technology, public companies, or regulated environments a plus.
• Experience with digital asset management systems and cold storage systems, also a plus.
• Educational Background: Advanced certifications such as CISSP, CISM, or CISA are highly desirable, but not required.
• Proactive leadership: Set goals and report on them to leadership. Ensure your team is moving in the right direction with active guidance and engagement.
• Balanced ability to multitask in a rapid growth environment: manage long term goals with short term disruptions.
• Must be located in and have work authorization in the United States.
• Compensation for this role will be based on location and experience, and may include base salary, equity, and benefits

Here's a bit about our culture

• We’re a growing team: Fully distributed across the world, Slack and Huddles are huge here.
• We’re very flat: Leadership is desired and encouraged; we hire people who care about and use the product they are working on.
• We’re Bitcoiners: We find solutions that encourage Bitcoin principles. We are often involved in the Bitcoin community through writing, podcasts, conferences, open-source projects, and time spent on Twitter to help educate the masses. We love Bitcoin, and it comes through in our daily chats, meetings, and actions.

Join us, become a Swan!