Chief Security Officer (CSO)
About ABFinance ABFinance is a US-based firm building and enabling digital finance for the future. Their vision is to create a full financial ecosystem where digital assets, traditional finance, and everyday money management live in one seamless experience, made available to everyone. Founded by a team of innovators, traders, and compliance professionals, ABFinance's mission is to bring the emerging world of digital assets to everyone. Their flagship product is a secure, regulated crypto exchange building trading tools for both retail and institutional clients—including spot trading and yield generation products with a focus on compliance and security. Key Responsibilities Security Strategy & Governance: Define and own ABFinance’s overall information and cybersecurity strategy, aligning security architecture, policies, and priorities with business growth and regulatory requirements. Security Operations & Engineering: Oversee day-to-day security operations, incident response, vulnerability management, and security engineering across infrastructure, applications, and Web3/wallet systems. Product & Technology Security: Ensure security-by-design across all products and platforms, including application security, Web3 & wallet security, and secure SDLC practices. Risk, Compliance & Regulation: Lead security risk assessment and management, working closely with Compliance, Legal, and Risk teams to meet regulatory, audit, and certification requirements. Leadership & Organization: Build, lead, and scale a high-performing security team, establishing clear accountability, processes, and security culture across the organization. Requirements Experience: 10+ years of security or information security experience, with senior leadership exposure (CISO, Head of Security, Security Director), ideally in fintech, crypto, or highly regulated environments. Technical & Domain Expertise: Strong hands-on understanding of security operations, application security, cloud security, and Web3 / wallet security architectures. Risk & Compliance Knowledge: Solid knowledge of security risk frameworks, regulatory expectations, and audits (e.g., SOC2, ISO27001, cloud and financial security standards). Leadership & Communication: Proven ability to influence executives, partner cross-functionally, and translate complex security risks into clear business decisions. Mindset: Ownership-driven, pragmatic, and comfortable operating in fast-paced, high-ambiguity startup environments.