Search...

Chief Security Officer

Coins logo
Coins

Stealth

Distributed
View jobs by Coins

Skills

About the Role

You will be the top security leader of the company, fully responsible for formulating and implementing the company's overall security strategy and building a comprehensive, systematic, and compliant security system covering digital currency exchange, payment business, and global operations. You will lead the security team to identify, assess, and mitigate all types of security risks including cyber, physical, data, operational, and compliance security. You will ensure the company's business complies with global security-related regulatory requirements, respond to security incidents efficiently, and maintain the company's security reputation and user trust.

Requirements

  • 10+ years of information security and risk management experience
  • 5+ years of CSO or equivalent senior security management experience in compliant digital currency exchanges, payment institutions, or financial technology companies
  • Deep understanding of digital currency trading and payment business models and security pain points
  • Proficient in cyber security, network security, application security, data security, blockchain security, and digital asset security management
  • Familiar with global digital currency and payment security regulatory frameworks (FATF, MiCA, SFC, etc.)
  • Experience handling security compliance audits and regulatory inspections
  • Rich experience in security incident response, crisis management, and security system construction
  • Understanding of security technologies and tools such as SOC, SIEM, vulnerability scanning, penetration testing, encryption, and wallet security technology
  • Strong sense of compliance and risk control
  • Excellent leadership and team management capabilities
  • Excellent oral and written communication skills in both Chinese and English
  • Bachelor's degree or above in Computer Science, Information Security, Cybersecurity, Finance, Law, or related fields
  • Professional certifications such as CISSP, CISM, CISA, CRISC, or ACAMS are preferred

Responsibilities

  • Develop the company's long-term and short-term security strategy, security roadmap, and risk appetite
  • Establish and improve the company's security governance system including policies, standards, processes, and procedures
  • Lead security assessments, audits, and compliance reviews, and issue security reports to the CEO and board
  • Coordinate cross-departmental security work and promote integration of security into product design and business operations
  • Lead the construction and operation of the company's cyber security system including network, application, endpoint, cloud, and blockchain security
  • Manage the Security Operations Center and establish real-time monitoring, threat detection, and emergency response mechanisms
  • Promote security technology research including AI-driven threat intelligence, automated vulnerability scanning, penetration testing, and SOAR
  • Secure core systems including trading, payment, wallet, and user data systems
  • Formulate and implement asset security strategy including cold/hot wallet security and private key management
  • Establish and manage physical security systems including access control, video surveillance, and fire protection
  • Coordinate with third-party security service providers
  • Ensure security work complies with global regulatory requirements including FATF, MiCA, and data protection laws
  • Cooperate with the compliance team on security-related filings, audits, and inspections
  • Establish security compliance training and awareness programs
  • Develop and improve security incident emergency response plans and lead handling of major security incidents
  • Conduct post-incident reviews and root cause analysis
  • Manage security crisis public relations
  • Build, manage, and develop the security team and formulate OKRs and performance assessment systems
  • Guide professional growth of team members through training and technical exchanges
  • Establish cooperative relationships with industry security organizations, vendors, and regulators
  • Collaborate with product, technology, operations, compliance, and customer service departments
  • Establish security cooperation mechanisms with partners such as payment channels and custodians
  • Participate in industry security exchanges and standards formulation