Available Company name withheld

The Company Swan is the USA’s #1 Bitcoin wealth platform for families and businesses. We hire passionate Bitcoiners who want to work with a self-motivated and fully distributed startup team. The Role Swan is seeking a hands-on, technically-minded CISO to lead our security team and help scale a robust, risk-informed security program across a rapidly growing fintech platform. You’ll be responsible for protecting our clients, partners, and infrastructure, while supporting a culture of trust, transparency, and operational excellence. This role reports directly to the CTO for day to day management and to the Board Audit Committee quarterly. The role involves close collaboration across engineering, product, operations, and legal/compliance. Core Responsibilities Security Leadership and Strategy: Define and execute the company’s cybersecurity strategy in alignment with business goals and regulatory expectations. Maintain an actionable roadmap that evolves with Swan’s growth and risk profile. Security Team Leadership: Lead the Security group ****responsible for Enterprise IT Security, AppSec, TDR, GRC, and other security functions. Lead the broader Security Guild process which also includes platform and product security teams. Build a high-performance culture focused on proactive risk management and technical depth. Help organize projects and set priorities. Governance, Risk, and Compliance: Oversee risk management processes, policies, and controls aligned with frameworks such as SOC 2, SOX ITGC, and ISO 27001. Partner with executive team to create a culture of risk ownership and SOPs across the organization. Security Architecture: Drive secure-by-design principles across infrastructure, applications, and custodial integrations. Review and influence technical designs to ensure security is embedded at every layer. Oversee IAM/PAM efforts. Threat Detection and Response: Own the incident response program from detection through post-mortem. Ensure continuous improvement through tabletop exercises, simulations, and cross-team coordination. Help select and engage MDR vendors if appropriate to expand coverage. Vulnerability and Patch Management: Oversee continuous scanning of enterprise systems, manage and prioritize remediations based on risks. Data Security and Privacy: Advise on data projects across the company to ensure data pipelines are built with Security and Privacy in mind. Vendor and Custodian Risk Management: Develop and enforce third-party risk management policies for vendors, custodians, and infrastructure providers. Lead due diligence and security review processes. Training and Awareness: Build and sustain a security-aware culture. Design practical training programs for developers, operators, and executives tailored to real risks in fintech and digital asset environments. Executive and Board Reporting: Translate technical risk into business impact for leadership and the board. Provide ongoing insight into emerging threats, regulatory developments, and control effectiveness. Agentic Security Swan is an AI powered organization with significant amounts of automation throughout the entire organization, including Security. We expect our entire team, including senior management, to be hands on with these tools. Build: Author and maintain agentic skills and pipelines for SOC 2 internal controls, ITGC evidence collection, GRC reporting, vendor assessment, security program maintenance, etc. Operate: Contribute to autonomous DAST, multi-agent PR review, risk-policy merge gates, and agentic red-team validation of the security pipeline itself. Govern: Apply NIST AI RMF, ISO/IEC 42001, and OWASP LLM/Agentic-AI Top 10. Reason about prompt injection, excessive agency, model/tool supply chain, and non-human identity sprawl. Skills and experience that will help you succeed Professional Experience: A minimum of 10 years in a leadership role related to information security and IT, with a demonstrated track record of managing ...