Chief Information Security Officer (REMOTE)

Location Type: On-site

Industry: Information Technology

Company: bitFlyer team

Chief Information Security Officer

Location: This is a fully remote role with occasional travel.

Who We Are
Looking to join a dynamic, international team with a passion for virtual currency and gain opportunities for career growth?
bitFlyer just celebrated its 11th anniversary in January 2025 and is one of the first cryptocurrency exchanges licensed to operate across US, EU and Japan. We operate a virtual currency exchange, which provides our customers with a convenient, secure platform to buy and sell virtual currencies. With some of the lowest fees amongst regulated US exchanges, bitFlyer offers tools and services for our customers to start investing with ease. Our vision is to build a truly global Bitcoin and blockchain company to reflect the international nature of the virtual currency.
Established in January 2014 in Tokyo, bitFlyer expanded into the European Union and launched bitFlyer USA in San Francisco in November 2017. We continue to pursue our mission of making the world simpler with blockchain. Today, we empower millions of people across the globe to access cryptocurrencies and are seeking talented individuals to join our team and be part of our growth story.

Who You Are

As the CISO, you will be in charge of the bitFlyer US Information Security and IT Infrastructure Division. You will oversee and manage the US Information Security & Privacy program, ensuring compliance with regulatory requirements.

You will be an instrumental part of our growth story, working for a leading player of a fast-growth and revolutionary industry. You have a familiarity and/or genuine interest in virtual currency, cryptography and blockchain technology. We offer a hybrid work environment and are looking for a candidate based in the New York Metro area.

We have a New York DFS issued BitLicense and also hold state specific licenses as needed such as the Money Transmitter License. It will be your responsibility to support the information security related compliance requirements to maintain these licenses. You will help lead, develop, and maintain our information security program to ensure policy, infrastructure, safeguards, processes, and procedures align with company and regulatory needs. You will work in collaboration with key stakeholders from Japan and the EU, ensuring we implement best practices for information security governance, compliance, and risk management while driving other strategic security projects.

What You’ll Do

• Report to executive leadership on the information security program, including annual program review, budgetary requirements, and on-going updates on recurring activities
• Be responsible for the success, leadership, and execution of the US information Security & Privacy Program and influence the strategy and direction of the Global Information Security Program
• Maintain existing, and oversee the development of, security controls and ensure compliance with targeted security and privacy frameworks
• Develop and monitor relevant metrics, like KPIs and SLAs, to evaluate performance of IT, security and service provider operations
• Record, monitor, report and organize the remediation of any security incidents
• Detect, analyze, record, report and monitor emerging security threats or reported vulnerabilities and ensure mitigating actions are taken
• Leverage feedback from internal stakeholders, third-party experts, and regulators to enhance the security organization
• Mentor your team, defining objectives, plans, and criteria for success
• Oversee training related to business continuity and disaster recovery, incident response, and general cybersecurity awareness
• Work with potential partners and vendors to ensure they meet our security standards
• Establish, approve, and maintain policies, standards, and procedures for the information security program and ensure effective communication and enforcement
• Function as a point of escalation, enabling your team to identify, address, and resolve challenges
• Manage and escalate access reviews and IT infrastructure related changes with the parent organization (Japan)
• Support the IT / Onboarding and operational IT / Vulnerability & Patch Management activities for US endpoints.
• Oversee internal and external audits
• Coordinate with and support Tokyo infrastructure and security teams, as required
• You will be subject to background screening and disclosure requirements to meet regulatory expectations.

Skills & Experience

• Undergraduate degree in a related technical discipline
• 8-12 years of experience within the financial services or technical sectors
• 8-12 years of experience leading information security teams, and 5+ years related to overseeing managers
• 5+ years of experience working with financial regulators
• Excellent written and verbal communication skills, bringing together a global team
• Experience implementing, developing, and monitoring a strategic and holistic information security and IT risk management program
• Hands-on experience coordinating and overseeing incident response activities
• Demonstrated experience with security control frameworks (e.g. SOC 2, ISO, NIST, DFS 500, COSO, COBIT, etc.)
• Familiarity and comfort with MacOS and tools such as Tenable / Nessus, JAMF is a plus
• Knowledge of common security and operations tooling including, but not limited to, endpoint detection and response, mobile device management, secure web gateways, vulnerability management, and learning management platforms
• Familiarity building and executing table-top exercises for technical and non-technical stakeholders
• Proven experience with executive level risk reporting and communications
• Extremely driven and hardworking
• Demonstrated ability to lead cross-functional teams
• A natural problem solver
• Adaptable and calm under pressure
• Metrics-driven

Nice to Have (Preferred Skills)

• Advanced security certifications, such as CISSP, CBCP, ,CFE, CISM, CISA, OSCP, CASP, CCS, C/CISO
• Knowledge of Microsoft Azure preferred
• Knowledge of basic SQL queries
• Fluency or familiarity with Japanese language

Why Join Us?

We offer a competitive total rewards package for our employees including:

• Comprehensive health | dental | vision benefits
• 401k plan
• PTO Plan with additional sick leave
• Hybrid Work
• Training and career development opportunities
• Small, dynamic team with access to senior leadership
• Paid travel for on-site events
• Financial support for continued education or certification