Job Closed

This listing is no longer active.

Nymbus logo
Nymbus

Nymbus is a leading provider of banking technology solutions for financial institutions to innovate and grow.

Chief Information Security Officer, CISO

Security EngineerSecurity EngineerOtherRemoteLeadTeam 201-500H1B SponsorCompany SiteLinkedIn

Location

United States

Posted

132 days ago

Salary

$180K - $230K / year

Seniority

Lead

10 yrs expEnglishAWSGCPSDLC

Job Description

Chief Information Security Officer, CISO

Nymbus

• Own and continuously mature the enterprise Information Security Program. • Align controls and architecture with NIST CSF, NIST 800-53, FFIEC guidance, PCI DSS, and SOC requirements. • Conduct proactive program assessments and identify security gaps before they become issues, working cross-functionally to execute upon risk mitigation objectives. • Develop and execute a multi-year security roadmap aligned to business growth and regulatory expectations. • Present clear, risk-based recommendations to executive leadership and the Board. • Translate strategy into measurable execution plans with defined milestones. • Drive remediation of audit, regulatory, and penetration testing findings. • Ensure strong incident response, vulnerability management, and change management and development programs. • Implement metrics that demonstrate real risk reduction and program effectiveness. • Lead and develop a high-performing Information Security team. • Provide clear direction, prioritization, and performance accountability across detection engineering, vulnerability management, application security, and security architecture functions. • Oversee operation and optimization of core security tooling, budget, and contract renewal management, including SIEM/XDR platforms (e.g., Wazuh), vulnerability management (e.g., Tenable), application security testing (e.g., Veracode), and related monitoring and detection systems. • Ensure security diagrams, architecture artifacts, and workflow documentation accurately reflect implemented controls and are audit-ready. • Establish measurable performance objectives and operational KPIs for the security team in collaboration with teams responsible for execution (MTTR, vulnerability remediation SLAs, detection coverage, control validation, etc.). • Drive automation and continuous improvement across monitoring, alert triage, vulnerability remediation, and DevSecOps integration. • Build a culture of ownership, urgency, and technical depth cross-functionally associated with the program. • Maintain sufficient hands-on familiarity with security tooling and architecture to effectively challenge assumptions, validate control effectiveness, and provide technical direction when needed. • Assist in the management of Nymbus’ risk log with the ability to identify, manage, and make security risk recommendations. • Develop a deep understanding of our platform, cloud architecture (AWS/GCP), integrations, and AI initiatives. • Partner with the CTO, engineering, product, NOC, and operations leaders. • Ensure strong embedded security controls into SDLC, DevOps, and cloud-native development practices. • Enable secure innovation rather than slow it down. • Serve as the subject matter expert in banking security and regulatory expectations. • Lead SOC/PCI audit readiness and regulatory exam preparedness. • Engage confidently with regulators, auditors, and bank and credit union clients and prospects. • Establish governance frameworks for secure and responsible AI usage. • Assess model risk, data protection, and security implications of AI-driven products. • Stay ahead of evolving regulatory expectations in AI and fintech.

Job Requirements

  • 10+ years of progressive experience in information security leadership.
  • Significant experience in banking, financial services, or regulated fintech.
  • Deep knowledge of:
  • NIST CSF & NIST 800-53
  • FFIEC guidance
  • PCI DSS
  • SOC audits
  • Experience leading cloud-first security programs (AWS and/or GCP).
  • Demonstrated ability to independently assess risk and make defensible decisions.
  • Strong executive communication and cross-functional leadership skills.
  • Experience operating in high-growth or fast-changing environments.
  • Preferred certifications: CISSP, CISM, CRISC or equivalent.

Benefits

  • Annual Cash Bonus and Equity Options commensurate with the role level and experience.
  • Fully Remote.
  • 401(k) plan.
  • Insurance - Health, Dental and Vision.
  • Time Off.

Related Categories

Related Job Pages

More Security Engineer Jobs

Amgen logo

Senior Manager, Product Security – Illicit Trade & Brand Protection

Amgen

Founded in 1980, Amgen (short for Applied Molecular Genetics) is a biotechnology firm focused on developing human therapeutics. As an employer, Amgen has been d

Security Engineer132 days ago

• Play a pivotal role within Amgen’s Global Security (GS) organization. • Support patient safety efforts through the development and execution of strategies to counteract emerging external threats and prevent the distribution of illicit versions of Amgen products. • Lead response and remediation efforts for product security incidents such as counterfeiting, diversion, and illicit generics. • Collaborate across a diverse and complex network of internal stakeholders to maintain an effective and agile Product Security program. • Develop internal policies, procedures and standards in collaboration with other key stakeholders. • Identify effective security technologies intelligence gathering and assessment as well as partnering with industry and governmental agencies to enhance overall security and safety of products. • Ensure the protection of Amgen’s global product portfolio against counterfeiting, diversion, and illicit marketing of Amgen products. • Support a cross-functional steering committee that includes leadership from Global Security, Operations, Supply Chain, LAW, and Corporate Audit. • Define and operationalize strategies for threat monitoring, incident reporting and response, counterfeiting deterrence and authentication, and enforcement protocols. • Design, implement, and manage effective illicit trade and brand protection systems, processes, and tools. • Collaborate with the GS Intel Team to monitor both virtual and physical markets for suspicious activities involving Amgen products. • Develop and execute robust online monitoring and enforcement strategies across marketplaces, social media, and websites. • Investigate suspected or confirmed illicit activities affecting Amgen products, working internally or with law enforcement, health authorities, and industry officials as needed. • Implement strategies to promote ongoing education and awareness of product security issues, targeting both internal and external audiences. • Participate actively in industry, government, and other relevant groups, task forces, and committees to advocate for Amgen’s interests. • Facilitate security audits of vendors, suppliers, and business partners for-cause or pre-contract. • Manage activities associated with the security audit program along with other key internal stakeholders. • Identify, assess, and implement mitigation strategies to counter external threats to Amgen APIs, materials, finished products, and returns. • Establish and maintain relationships with local, state, and federal law enforcement and emergency services for effective communication and response. • Conduct and manage external investigations as necessary. • Manage vendor relationships to support Product Security strategy.

United States
$138.2K - $170.9K / year
Job Closed
Amgen logo

Program Analyst, Product Security

Amgen

Founded in 1980, Amgen (short for Applied Molecular Genetics) is a biotechnology firm focused on developing human therapeutics. As an employer, Amgen has been d

Security Engineer132 days ago

• Play a pivotal role in memorializing and executing the Amgen Product Security Strategy. • Support response and remediation activities related to Brand Protection, Illicit Trade and Supply Chain Security. • Collaborate across Amgen’s diverse internal network to ensure the effectiveness and agility of the Product Security program. • Focus on formalizing operational standards to support a newly created strategy and team. • Develop and execute an ongoing ROI framework. • Manage and assign BP Alerts and engage with external vendors. • Support threat monitoring, incident reporting and response, enforcement protocols, investigations, evidence management, testing and other key security functions. • Provide Amgen leadership with metrics, KPIs, and reports about emerging and ongoing threats. • Create collateral to promote education and awareness of Product Security issues. • Support security audits of vendors, suppliers, and business partners, both proactively and in response to specific concerns. • Coordinate efforts with other directorates within Global Security.

United States
$104.5K - $143.1K / year
Job Closed
US Claro logo

Product Manager – Cybersecurity

US Claro

⭕️ Managed IT Services provider delivering scalable solutions with layers of security and global expertise.

Security Engineer132 days ago
OtherRemoteTeam 201-500Since 1990

• Manage a portfolio of cybersecurity products, services, and solutions to drive customer satisfaction, revenue growth, and market expansion. • Identify opportunities to enhance portfolio value through product improvements, partner integrations, and innovation—and champion these initiatives across the organization. • Prioritize product development efforts to deliver differentiated offerings that meet business KPIs and market needs; provide recommendations for engineering priorities and timelines. • Evaluate unmet customer needs and execute viable, competitive solution enhancements. • Implement methodologies to continually gather and analyze “voice of customer” insights and market trends, influencing pricing, bundling, and product design decisions. • Coordinate intake, analysis, and prioritization of new product functionality requests from customers and prospects. • Develop clear use cases, business requirements, and marketing requirements. • Maintain the cybersecurity product roadmap, including integration of partner technologies and internal assets. • Collaborate with technology providers and channel partners to align and differentiate the product portfolio. • Support product launches in coordination with product marketing and corporate marketing; ensure ongoing post‑launch success through continuous optimization and adoption strategies. • Conduct product performance benchmarking to guide enhancements and differentiation. • Represent the organization as a cybersecurity subject matter expert, helping increase market credibility. • Develop and deliver thought leadership content, industry insights, and market perspectives. • Create impactful communications for analysts, security organizations, and partner communities. • Collaborate with other product managers on cross‑solution messaging and strategic thought leadership. • Support organizational wins by providing technical and product expertise to cross‑functional teams. • Develop high-quality product documentation and assets throughout the product lifecycle, including FAQs, training content, service briefs, demos, diagrams, and specification sheets. • Partner with Product Operations to ensure seamless implementation of cybersecurity offerings across the quote‑to‑cash process. • Enable sales teams by supporting customer engagements, addressing technical questions, and delivering product training. • Expand organizational knowledge of the cybersecurity market through internal presentations and market briefings. • Collaborate with Product Marketing and Communications to translate complex cybersecurity concepts into clear, customer‑ready messaging. • Share “voice of customer” insights regularly with stakeholders to inform product improvements. • Provide analysis and recommendations related to pricing, strategy, positioning, competitive intelligence, and product differentiation.

Florida
Job Closed
OtherRemoteTeam 1-10Since 2024H1B No Sponsor

• Support operational programs by managing personnel security processes, credentialing requirements, and onboarding procedures • Coordinate background investigations and personnel security processing for program staff • Assist employees in completing required security documentation and investigation forms • Review personnel security submissions for accuracy and completeness before submission • Track the status of background investigations and security approvals • Communicate investigation updates and requirements to employees and leadership • Coordinate facility badging, credentialing, and access authorization processes • Maintain accurate records of personnel security processing and credentialing activities • Serve as a liaison between Anovaeon and government security personnel regarding credentialing requirements

United States
$30 / hour
Job Closed