Chief Information Security Officer

Chief Information Security Officer (CISO) Join to apply for the Chief Information Security Officer role at Candescent As we expand our fintech ecosystem, AI capabilities, and security offerings, we are seeking a Chief Information Security Officer (CISO) to lead enterprise security, compliance, and trust—while shaping the future of identity, fraud detection, and platform‑level defense across our products. The CISO reports directly to the Chief Technology Officer (CTO) and serves as a core member of the Technology Leadership Team. Key Responsibilities Lead enterprise‑wide information security strategy and governance aligned to FFIEC, GLBA, NIST CSF, SOC2, ISO 27001, PCI‑DSS, and GDPR. Manage regulatory relationships and ensure audit readiness with customers, regulators, and independent assessors. Define and monitor security risk metrics, dashboards, and board‑level reporting. Partner with Legal Risk, and Compliance teams to maintain proactive adherence to evolving banking and fintech regulation. Build and mature secure SDLC practices integrating SAST/DAST, dependency scanning, and threat modeling. Lead a comprehensive API Security program addressing authentication, authorization, token management, rate limiting, payload inspection, and anomaly detection. Secure Open Banking and Fintech APIs, ensuring compliance with data security and privacy standards. Oversee penetration testing and bug bounty programs, emphasizing API and data‑layer resilience. Collaborate with Product and Engineering to ensure secure‑by‑design principles are applied to all services, including microservices deployed in GCP and AWS. Embed fraud detection and identity protection mechanisms—device fingerprinting, behavioral analytics, AI‑based anomaly detection—directly into platform and product architecture. Oversee the architecture, compliance, and integrity of Candescent’s Identity and Fraud Detection product. Partner with Product and Engineering to enhance fraud prevention models and partner integrations. Establish governance and controls around customer identity data protection, in compliance with privacy frameworks. Define and implement AI security and compliance frameworks covering model and AI tooling development, deployment, and monitoring. Partner with Candescent AI Labs to secure AI pipelines and defend against prompt injection, model inversion, and data leakage. Lead Responsible AI initiatives, aligning with regulatory guidance and customer expectation. Serve as an executive sponsor for AI risk management, bridging security, ethics, and compliance. Oversee identity and access management (IAM), encryption, key management (KMS), and Zero Trust Architecture across hybrid environment. Lead incident response, root cause analysis, and business continuity exercises. Collaborate with SRE and Platform teams to strengthen resiliency, observability, and reliability in production systems. Govern security and compliance for fintech integrations, payment networks, and core banking partner. Strengthen and lead a Vendor Risk Management (VRM) and Third‑Party Assurance program. Engage directly with customer CISOs, auditors, and regulatory stakeholders to communicate Candescent’s security posture and roadmap. Ensure all third‑party integrations meet FFIEC and GLBA security requirements. Qualifications 15+ years in Information Security, including 5+ years in a CISO or senior security leadership role in financial services, fintech, or SaaS. Bachelor’s degree in computer science, information technology, or cybersecurity. Deep expertise in API Security, Cloud Security, Product Security, and Identity/Fraud Detection systems. Proven experience implementing FFIEC‑aligned compliance frameworks and managing regulatory engagement. Hands‑on familiarity with AI/ML security, data protection, and DevSecOps practice. Strong understanding of financial data privacy, Open Banking standards, and API threat prevention. Certifications such as CISSP, CISM, CCSP, or CRISC preferred. Leadership Attributes Strategic and execution‑focused; able to bridge compliance rigor with agile innovation. Strong collaborator with the CTO, CPO, and Engineering leadership to embed trust and security into the product. Credible communicator with regulators, boards, and financial institution CISO. Passionate about advancing AI‑enabled security and fraud detection as differentiators in digital banking. Seniority level Executive Employment type Full‑time Job function Information Technology Location & Salary Irvine, CA $350,000.00–$450,000.00 1 month ago #J-18808-Ljbffr