Chief Information Security Officer (CISO)

Remote (U.S.) — Full Time

The Cari Network is building a blockchain-based payment system powering real-time, 24/7 movement of digital money—in the form of deposit tokens called Cari—across the traditional finance and digital asset ecosystems. We’re creating an entirely new category of financial infrastructure that brings cash on chain through tokenization while powering the full spectrum of payments for our network—banks, digital asset exchanges, and, most importantly, the customers they serve.

About the Role

As the Chief Information Security Officer (CISO), you will be a foundational member of our leadership team, reporting directly to the Chief Risk and Compliance Officer (CRCO). You will own the strategy, design, and execution of information security across the Cari Network—safeguarding a permissioned, Ethereum-anchored Layer-2 blockchain and the bank-grade infrastructure that connects chartered banks, regulated digital asset participants, and their customers. Your mission is to build a security program that meets the highest standards of both the regulated banking system and the digital asset ecosystem, ensuring that strong controls are not a constraint on innovation but the foundation that makes it possible.

This is a high-impact leadership team role that sits at the intersection of traditional finance and blockchain technology. You will help define how the Network protects deposits brought on-chain, demonstrate a control environment that withstands the scrutiny of bank examiners and security auditors alike, and shape a security-first culture as we scale rapidly.

What You'll Do

  • Security Strategy & Program Leadership: Own and execute Cari’s enterprise information security strategy, building a comprehensive program—policies, standards, and controls—aligned to U.S. supervisory expectations and leading frameworks such as NIST CSF 2.0, FFIEC, and SOC 2 as well as evolving best practices for blockchain security (e.g., CCSS, BSSC, SEAL-ISAC). Develop the Company’s IT and cybersecurity controls framework, including threat modeling, risk assessments, control design and testing, business continuity and disaster recovery (BC/DR), and related training programs.

  • Blockchain & Protocol Security: Lead security across the Network’s permissioned L2 and ZK-rollup architecture, including smart contract security, secure node operations, and the cryptographic integrity of transactions anchored to Ethereum.

  • Cryptographic Key & Wallet Management: Design and govern the custody, generation, and lifecycle of cryptographic keys and wallets to protect tokenized deposits and Network assets. Oversee vendor relationships including due diligence of Critical Subcontractors, including performance monitoring related to digital asset custody and blockchain infrastructure.

  • Regulatory & Examiner Readiness: Partner with the Chief Risk and Compliance Officer to evidence a control environment suitable for regulated entities, supporting bank partner due diligence, audits, and engagement with regulators and examiners.

  • Threat Detection & Incident Response: Build and operate continuous monitoring, anomaly detection, penetration testing, and a robust incident response program that protects the Network and its participants around the clock.

  • Third-Party & Participant Security: Embed security into the Network’s credentialing and ongoing eligibility processes for Participating Banks and Non-Bank Participants, and manage vendor and supply-chain risk.

  • Cross-Functional Leadership: Work closely with Engineering, Product, and Legal teams to embed security by design, and build, mentor, and scale a high-performing security team as the Network grows.

Qualifications

  • Experience: 12+ years in information security, with significant time in senior security leadership (CISO, Deputy CISO, or equivalent) at organizations operating in highly regulated environments.

  • Dual-Domain Expertise: Demonstrated security experience across both traditional financial services—banking, payments, or capital markets—and crypto/blockchain technology, with hands-on understanding of digital asset custody, smart contracts, and distributed-ledger infrastructure.

  • Regulatory Fluency: Deep familiarity with the regulatory and supervisory expectations governing financial institutions (e.g., FFIEC, GLBA, NIST, SOC 2) and an awareness of the evolving compliance landscape for digital assets.

  • Technical Depth: Strong command of cloud security, cryptography, application and smart contract security, key management, identity and access management, and modern detection and response practices.

  • Leadership & Communication: Exceptional executive presence with the ability to advise the Board, engage examiners and bank partners, and simplify complex security concepts for technical and non-technical audiences alike.

  • Credentials: Relevant certifications such as CISSP, CISM, or CCSP are preferred.

  • Growth Mindset: Ability to thrive in a startup environment where ambiguity is common and the ability to build programs and processes from scratch is required.

What We Offer

  • Competitive compensation

  • Full medical, vision, dental benefits

  • 401(k) with matching program

  • Flexible vacation policy (PTO) and remote-first work environment

Interested in this role? Send us your resume.

Analyst, Business Operations ›