Tech Stack

Description

You will lead and evolve Nymbus's enterprise security program in a fast-paced fintech environment serving regulated banks and credit unions. This strategic, hands-on role requires you to drive security maturity, ensure regulatory compliance (NIST, FFIEC, PCI, SOC), and partner with technology and product leaders to balance innovation with risk management.

Requirements

• Executive-level experience as CISO or senior security leader in fintech or regulated financial services
• Deep expertise in banking regulatory frameworks (NIST, FFIEC, PCI, SOC) and hands-on program building
• Proven ability to translate strategy into measurable execution plans with defined milestones
• Experience leading detection engineering, vulnerability management, application security, and security architecture teams
• Hands-on familiarity with security tooling (e.g., SIEM/XDR, Tenable, Veracode) and cloud platforms (AWS/GCP)

Responsibilities

• Own and continuously mature the enterprise Information Security Program aligned with NIST CSF, FFIEC, PCI DSS, and SOC requirements
• Develop and execute a multi-year security roadmap and present risk-based recommendations to executive leadership and Board
• Drive remediation of audit, regulatory, and penetration testing findings; ensure strong incident response and vulnerability management
• Lead and develop the Information Security team; manage tooling (SIEM/XDR, vulnerability management, AppSec testing) and budget
• Partner with CTO, engineering, product, and operations to embed security into cloud architecture (AWS/GCP) and AI initiatives