- Published: September 2, 2021
FeeX is a FinTech startup revolutionizing wealth management by making it possible for financial advisors to actively manage 401(k) and other held away accounts. The FeeX solution empowers advisors to offer comprehensive, holistic services to their end clients, and enables end clients to rest assured that the entirety of their portfolios are purposely directed. FeeX clients range from Fortune 100 financial services firms and large independent broker dealers, to small independent RIA’s and advisory firms.
We are currently experiencing hyper growth and are looking for an outgoing and enthusiastic CISO to join our Hertzylia based team. The position presents an exciting opportunity to join a fast-growing company at an early point in its development.
• Own the security of the company
• Lead, build, and expand our security team
• Define the strategy and vision of FeeX’s security posture, and executing accordingly in work plans, recruiting, etc.
• Be a customer facing executive with good technical knowledge and skills
• Production facility security (at AWS)
• Assess the current state and build a roadmap to improve processes
• Responsible for handling Internal security (security awareness program, new employee training, annual training plan)
• Customer security reviews (answer questionnaires, security review calls with customers)
• SDLC. Design and implement processes.
• SOC2 (maintain security policy and other company level policies, and manage the annual review)
• Work closely with Production Operations Manager and outsourced provider (GRSee) and with the CTO
• overseeing agreements with sub-processors and ensuring we remain up to date with their compliance documentation
• Support FeeX’s sales and customer success teams in the evaluation, approval and implementation of our security posture
• Utilize security engineering and application security experts to review and improve our cloud security and application architecture and to impact the product roadmap
• Cooperate with the operations, IT and legal teams on security-related issues, including compliance, physical and internal security
• Involve yourself in all aspects of the business, making decisions using around the use of data in a fully transparent environment
• 4-5 years as a Chief Information Security Officer or equivalent position
• Experience in managing multiple vendors and subcontractors, in addition to managing internal teams
• Experience in AWS production environment
• Knowledge of application security and secure software development practices such as Secure Software Development Life Cycle (SDLC)
• Extensive knowledge of web security, based on the OWASP Top 10 security risks, impact and mitigation
• Extensive knowledge of network and cloud infrastructure security and best practices
• Familiarity with local security and privacy related regulations and certifications
• Strong communication skills, team player
• Excellent written and spoken English