Chief Information Security Officer – CISO

Job Description: • Own Swyfft's cybersecurity program end-to-end, including NYDFS compliance • Build and manage our Third-Party Service Provider (TPSP) security governance program (vendor inventory, risk assessments, security questionnaires, ongoing monitoring) • Conduct annual risk assessments and coordinate penetration testing • Create and maintain security policies, incident response plans, and business continuity documentation • Prepare annual board reporting and regulatory certifications • Manage security awareness training program • Coordinate incident reporting to NYDFS when required • Oversee implementation of multi-factor authentication (MFA) across our web platform • Review and improve security architecture for our C#/.NET applications and infrastructure • Work directly with engineering teams on secure development practices and code review for security issues • Manage vulnerability assessments and coordinate remediation with engineering • Design and implement security controls and monitoring capabilities • Evaluate and implement security tooling (SIEM, vulnerability scanning, etc.) • Respond to security incidents and conduct post-incident analysis • Review API security, authentication/authorization patterns, and data protection controls Requirements: • 7-10+ years in information security with a mix of technical and compliance work • Specific experience with NYDFS 23 NYCRR 500 compliance • Background in financial services or insurance industry • Experience implementing authentication systems (OAuth, SAML, MFA) • CISSP, CISM, or similar security certification • Strong technical background - comfortable reviewing C# code, understanding web application architecture, and discussing database security • Proven track record building security programs, not just maintaining existing ones • Experience working with remote/distributed engineering teams • Excellent written and verbal communication skills (explaining security decisions to both engineers and executives) • A Bachelor’s degree in Computer Science, Computer Engineering, or equivalent work experience is required.Benefits: • Medical, Dental, and Vision • Short- and Long-Term Disability (Company Paid) • Voluntary Long-Term Disability • Employee Life & AD&D (Company Paid) • Voluntary Employee, Spouse, and Child Life & AD&D • Healthcare, Dependent Care and Transit FSA, and Healthcare Savings Account (HSA) • 401K with a generous matching contribution and no vesting schedule • 20 days of PTO annually (prorated based on hire date) • Company Paid Holidays and 2 “ChooseYour Own Holidays” Apply tot his job Apply tot his job