Head of Information Security

Notabene is on a mission to make crypto a part of the everyday economy. Leading crypto organizations use our tools to reduce transaction risk and make crypto transfers safe. Working across three continents in eight countries, the Notabene team serves our fantastic community of 100+ customers, including financial institutions, fintechs, exchanges, and more. Our co-founders spearheaded foundational Self Sovereign Identity protocols and use-cases. This technology is key to the internals of our cutting edge tech stack.

We’re proud to have the support of leading investors, including Y Combinator, Jump Capital, Castle Island, Green Visor Capital, and more.

We’re at an exhilarating moment in our journey, as regulation technologies (reg-techs) are fast becoming recognized as a vital enabler of the crypto ecosystem. Notabene is growing fast—and we’re looking for people like you to help shape the future rails of the crypto industry!

We are hiring a Head of InfoSec, reporting directly to the CTO. This role will be critical in developing and implementing our security strategy to protect our information technology, data, and assets. As our Head of InfoSec, you will need to be a strategic leader that can collaborate cross-functionally to enhance the security posture of the company. You’ll also work closely with product development and platform teams to ensure the continued development of the world’s most secure end-to-end transaction authorization platform.

Key Responsibilities:

• Strategic Leadership: Develop a comprehensive information security strategy that aligns with the Notabene’s objectives and risk appetite.
• Policy Development: You’ll build and help enforce strict security standards by implementing and maintaining information security systems and tools, including firewalls and encryption protocols.
• Risk Management: Identify, assess, and mitigate risks to Notabene’s information and assets. You’ll need to stay up-to-date with the latest security threats and trends to ensure the Notabene’s security measures are effective and relevant.
• Incident Response: Oversee the development and execution of incident response plans and activities.
• Compliance and Audit: Ensure Notabene meets all regulatory compliance requirements, like SOC2 and ISO. You’ll also be responsible for any external engineering security audits and security due-diligence questionnaires.
• Vendor Management: Evaluate and manage relationships with our information security service providers and vendors.
• Security Awareness: Promote a culture of information security awareness by utilizing Vanta and other tools to keep Notabene up-to-date with the latest in information security practices.
• Team Management: Help define what a security team at Notabene looks like, and support hiring, training, and performance evaluation of future security team members.

Qualifications

• Extensive experience (10+ years) in information security, particularly in a leadership role.
• Bachelor's degree in Computer Science, Information Security, or a related field
• Professional security management certification, such as CISSP, CISM, or similar.
• Proven track record of developing and implementing security strategies and policies.
• Strong knowledge of security frameworks (e.g., ISO 27001, NIST), regulations (e.g., GDPR, CCPA), and best practices.
• Experience with leading incident response and threat modeling plans, security assessments and audits.

Skills

• Strong analytical and problem-solving abilities.
• Excellent leadership and team management skills.
• Effective communication and interpersonal skills.
• Ability to work under pressure and manage crises.
• Strategic thinking with attention to detail.

If you strongly believe this role is for you, please apply. Notabene considers a broad array of candidates, including those without blockchain experience. Whether you’re returning to work after a gap in employment, or taking the next step in your career path, we will be glad to have you on our radar.

Notabene is proud to be an equal employment workplace and an affirmative action employer. By valuing inclusion and diversity of all forms, we strictly prohibit and do not discriminate based on race, color, religion, national origin, gender, gender identity, gender expression, age, ancestry, citizenship, sexual orientation, status as a protected veteran, or any other legally protected characteristic.