Chief Information Security Officer (CISO)

at Hedera Hashgraph (View all jobs)

About Hedera Hashgraph:

Hedera is the decentralized governing body for the Hedera network, an enterprise-grade public distributed ledger technology (DLT) network that’s fast, environmentally sustainable, and secure, making it well-suited to become an integral layer of the emerging web3 world. Hedera is governed by a diverse group of world-leading institutions distributed across six continents, representing multiple industries including technology, banking and financial services, web3, education, legal services, gaming, aerospace, and manufacturing.

The vision for the Hedera network is to support a trusted, empowered, and decentralized digital future for everyone; cyberspace where you work, play, buy, sell, create, and engage socially; where you have safety and privacy in your digital communities; where you feel confident when interacting with others; where you own and control your information.

Hedera brings together some of the best minds in the industry. We are proud of our high-quality culture and dedicated to values of integrity, ethics, service, excellence, and teamwork. We are looking for hard-working, talented, and collegial people to help achieve this vision. Join us and say, "Hello future."

About the role:

As Hedera’s Chief Information Security Officer (CISO), you will drive Hedera’s overall security strategy and be responsible for Hedera’s cybersecurity posture. The CISO plays a key leadership role in Hedera’s ongoing business and technical operations in collaboration with Hedera’s members, aligning controls with risks. This role will cover both Hedera’s internal corporate security needs as well as those Hedera’s public-facing networks. You will also engage with relevant organizations to further the security practices of our customers and the distributed ledger ecosystem as a whole. The CISO reports to and directly supports the Chief Information Officer (CIO), including acting on behalf of the CIO as needed.

We’re looking for someone with a strong and diverse cybersecurity background who can cover a wide spectrum of tasks and responsibilities from developing and governing foundational policies to taking a “hands-on” and helping design and implement appropriate technical controls.

You may find yourself doing all of the following:

  • Driving the overall security strategy for Hedera to further mature security
  • Developing, implementing and maintaining Cybersecurity policies and procedures
  • Designing and monitoring risk-informed controls, accounting for the distributed nature of Hedera’s operations
  • Reporting on Hedera’s security status and posture to staff, Hedera’s Council and Board and other stakeholders
  • Researching and keeping abreast of evolving threats and vulnerabilities and, in collaboration with engineering and technical operations partners, implementing effective solutions against such threats
  • Implementing secure development practices to support open-source development activities
  • Undertake periodic security reviews and audits; develop and execute plans to address findings

Qualification Requirements:

  • Good communication skills with ability to bridge between technical experts and business leaders
  • Can analyze complex information and develop insights to support Hedera’s cybersecurity needs
  • Experience with secure software development tools and practices
  • Familiarity open stack platforms and tools
  • Understanding of information risk standards and practices including ISO2700x and SOC2

Other skills that are great to bring with you but that we can help you develop:

  • Interest in and knowledge about web3/blockchain/crypto/metaverse
  • A growth mindset and an overall positive attitude
  • Familiarity with open-source programs
  • One of the following: IT Operations / DevOps or software development experience

Education and Experience: Bachelor’s degree with 10+ years of relevant information/cybersecurity experience. CISSP, CISA or similar certification.

Location: Remote