Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Head of Security & Risk

M0

Job Description

Job Description

Intro

M0 is the shared infrastructure where businesses launch their own branded stablecoins and financial institutions power them. Built on a common standard, every stablecoin on M0 is interoperable and liquid from day one – giving businesses programmable control over how money moves in their ecosystems, and giving financial institutions the most advanced issuance stack in the industry.

M0 is seeking a sharp, execution-focused Head of Security & Risk to build and own the information security and risk function from the ground up. This is a foundational IC role at a critical inflection point for the company – M0 is onboarding regulated institutional partners, expanding its on-chain liquidity solutions, and operating infrastructure that regulated entities depend on. The information security and risk posture we establish in the next 12 months will define how M0 is perceived by partners, regulators, and institutional investors for years to come.

About the Role

Reporting to Deputy COO, you will be M0's first dedicated information security and risk professional – responsible for building the enterprise risk management program, owning the information security compliance certification roadmap, establishing the security operations framework, and responding to partner security due diligence requests. You will work daily across engineering, product, legal, BD, and operations to ensure that M0's security posture is proactive, documented, and defensible.

Key Responsibilities

  • Build and Own Enterprise Risk Management : Build M0's enterprise risk program from scratch. Cover security, operational, regulatory, and counterparty risk, including the risk register, annual assessments, scenario analyses, and escalation framework across all entities.
  • Own the Information Security Compliance Certification Program : Own M0's compliance posture across SOC 2, ISO 27001, and other applicable frameworks — driving all non-technical workstreams (policy writing, auditor coordination, vendor risk, access reviews, third-party SaaS vendor evaluations) and keeping the organization audit-ready at all times.
  • Establish the Information Security Operations Framework : Design and maintain M0's incident response framework, ISMS documentation, and security policies — own external security vendor relationships, facilitate tabletop exercises covering IR, BCP, and DR scenarios, and drive the selection of a security advisory firm for on-call support.
  • Own Partner Information Security Due Diligence : Serve as M0's primary point of contact for institutional partner security due diligence and inbound security questionnaires, build and maintain the reusable documentation package for responding to partner requests, and coordinate with Senior Counsel on information security representations in commercial agreements.
  • Build Information Security Awareness & Culture : Design and own M0's security awareness training program, ensure all employees understand their security obligations, and build a proactive security culture across engineering, operations, legal, and business teams.

Qualifications

  • 7–10 years of experience in information security, risk, GRC, or compliance operations, with meaningful ownership and a preference for fintech, crypto infrastructure, or B2B SaaS backgrounds.
  • Demonstrated track record of building a compliance certification program from scratch, in-depth knowledge of compliance and regulatory frameworks, including hands-on end-to-end ownership of a full SOC 2 audit cycle, ISO 27001 implementation/maintenance, etc.
  • Hands-on experience with GRC automation platforms (Vanta, Drata, or equivalent), cloud security environments (AWS preferred), and BCP/DR program design.
  • Proven experience managing external audit relationships end-to-end (including auditors, penetration testing firms, and compliance vendors) and navigating evidence collection and report production.
  • Working understanding of AWS, GCP, and Azure, including embedding security controls into DevOps workflows and Infrastructure as a Service (IaaS) deployments.
  • Preferred certifications: Cloud+, CySA+, CISSP, or CISM.

Skills & Attributes

  • A Proactive Risk Thinker: You think in terms of likelihood, impact, and mitigation, and you reason from first principles when regulations are unclear, translating complex risk into clear, business-relevant language.
  • Exceptionally Organized and Process-Driven : You maintain rigorous documentation, evidence records, and program trackers across concurrent workstreams. Your outputs need to be right and audit-ready at all times, and you have a track record of improving processes, not just running them.
  • A Builder with High Ownership : You are a self-starter with a "no job too big, no job too small" mentality. You look around corners to creatively solve problems and have a proven ability to own projects from concept to finish.
  • An Excellent Communicator & Partner : You build trust across engineering, legal, product, and business by speaking their language, embedding compliance as a shared operating principle rather than an external checkpoint, and getting things done through influence rather than authority.
  • Adaptable and Intellectually Curious : You have a positive attitude, comfort with ambiguity, and a relentless curiosity about new technologies. You have a passion for or a strong interest in crypto, blockchain technologies, and DeFi.

Nice to Haves

  • Security Certifications : Professional certifications in security risk management such as CISSP, CISM, or CRISC are preferred.
  • Crypto-Native Familiarity : Familiarity with digital assets, stablecoins, or blockchain infrastructure, including smart contract security risk and on-chain monitoring tools (BlockAid, Chainalysis, or similar).
  • Regulatory Exposure : Familiarity with GENIUS Act, MiCA, DORA, or other emerging digital asset and financial services regulatory frameworks and their security and compliance implications.
  • Multi-Entity Experience: Prior experience operating across a multi-entity structure (US operating entity, Cayman HoldCo, Swiss Foundation, or equivalent) is a plus.
  • Location : Ability to work multiple days a week in our main hub office in NYC.
Compensation:
  • Competitive compensation (base salary with equity/token grant) commensurate with experience.
Benefits:
  • Global team and flexibility: Join a truly global team with the flexibility to work remotely or from one of our hubs in NYC or Berlin.
  • Health and wellness: Enjoy comprehensive healthcare insurance coverage as well as a wellbeing allowance and gym membership to support your physical and mental health.
  • Customizable IT setup: Tailor your workspace with access to top-notch IT equipment.
  • Professional development: Benefit from an annual development budget to enhance your skills and grow professionally, including opportunities to participate in conferences and on-site company events worldwide.
Vacancy posted 15 days ago
Similar jobs that could be interesting for youBased on the Head of Security & Risk in New York, NY vacancy
  • $250k

     ...Managing Director & Head of Security and Defense, Public Sector Banking page is loaded## Managing Director & Head of Security and Defense, Public...  ...and effectively manage the heightened role of franchise risk associated with the security and defense business* Have a broad... 
    Suggested
    Full time
    Temporary work
    Work at office
    Local area

    Citibank (Switzerland) AG

    New York, NY
    2 days ago
  • $275k - $325k

     ...Head of Security Build the future of investment management with us The infrastructure managing $300 trillion in assets was built in the 90s. Now, all of it is up for grabs. The winner of the AI era of investment management will be a $100B+ company. We intend... 
    Suggested
    Work at office

    Moment Technology

    New York, NY
    4 days ago
  •  ...New York City Preferred / Reports to CTO / First in-house security hire As our first security hire, you will design, build, and present...  ...who can own it across the table from their CISOs, third-party risk teams, and auditors. You'll own the full lifecycle: designing... 
    Suggested
    Temporary work
    Immediate start
    Relocation

    Eisen

    New York, NY
    4 days ago
  •  ...ego. More about our values: morpho.org/jobs. Role As Head of Security, you'll define and drive Morpho's security strategy across the...  ...have an early, evidence-based view of the highest-severity risks and quick wins. You know exactly where incident-response readiness... 
    Suggested
    Remote work

    Morpho

    New York, NY
    2 days ago
  • $240k - $280k

     ...Director Of Security Merge is the leading provider of agentic tools and customer-facing integrations for frontier LLMs, Fortune 500 organizations, and B2B SaaS companies. Our platform offers three core products: Merge Unified, which enables businesses to add hundreds... 
    Suggested
    Full time
    Work at office
    Home office

    Merge LLC

    New York, NY
    3 days ago
  • $220k - $350k

     ...About the Role Grade Level (for internal use): 15 Head of Technology Risk, Governance, and Controls The Impact The Head of Technology...  ...works in partnership with key stakeholders in Information Security, divisional technology teams, Corporate functions, our... 
    Work at office
    Flexible hours
    2 days per week

    S&P Global

    New York, NY
    1 day ago
  • $240k - $310k

     ...The Role You will be the first dedicated security leader at Candid Health. You won’t just be managing a checklist; you will be building...  ...team of top flight security engineers that will expansively own Risk, Compliance, Threat Management, Product and Application Security... 
    Flexible hours

    Candid Health

    New York, NY
    1 day ago
  • $186.4k - $252.2k

     ...Global Head of Risk Management, Production Operations Job ID: 10457462 | Amazon.com Services LLC Amazon MGM Studios is seeking a Global Head of Risk Management to lead the studio's Financial Risk Management program. This leader owns the strategy and implementation... 
    Contract work
    For contractors
    Local area
    Worldwide
    Flexible hours
    Shift work

    Amazon

    New York, NY
    2 days ago
  • Hispanic Alliance for Career Enhancement is seeking a Lead Director of Third-Party Security Assessment & Risk Operations to oversee and ensure third parties meet security standards. This critical role involves collaboration with various departments to privilege clear risk... 

    Hispanic Alliance for Career Enhancement

    Brooklyn, NY
    6 days ago
  • $144.2k - $288.4k

    CVS Health is looking for a Lead Director of Third-Party Security Assessment & Risk Operations located in New Jersey. This role is vital for safeguarding the company by ensuring third parties adhere to security standards. The ideal candidate will lead and mature the Third... 

    Hispanic Alliance for Career Enhancement

    New York, NY
    6 days ago
  • CVS Health is seeking a Lead Director of Third-Party Security Assessment & Risk Operations. This role is crucial for ensuring that all third parties meet the required security standards. Responsibilities include leading the third-party security program and collaborating... 

    Hispanic Alliance for Career Enhancement

    New York, NY
    6 days ago
  • $144.2k - $288.4k

    Hispanic Alliance for Career Enhancement is looking for a Lead Director of Third-Party Security Assessment & Risk Operations. This key role focuses on ensuring that third-party partners meet required security standards. You'll lead assessments, manage risks, and collaborate... 

    Hispanic Alliance for Career Enhancement

    Brooklyn, NY
    6 days ago
  • The Hispanic Alliance for Career Enhancement is seeking a Lead Director of Third-Party Security Assessment & Risk Operations. This role is crucial in ensuring that third parties meet the security standards necessary in a regulated environment. You will lead the lifecycle... 
    Full time

    Hispanic Alliance for Career Enhancement

    New York, NY
    6 days ago
  • Stryker Corporation is seeking a Lead Director of Third-Party Security Assessment & Risk Operations. This role involves overseeing the security standards for vendors and partners, ensuring adherence to compliance regulations, and leading a team of security professionals... 
    Full time

    Stryker Corporation

    New York, NY
    2 days ago
  • $170k - $300k

     ...strategic messages and new disclosures to respond with the ever-evolving market environment.Investor Relations Director will report to the Head of Equity Investor Relations and has regular interaction with the Head of Investor Relations, Citi’s CFO, Business and Function... 
    Full time
    Flexible hours

    Citibank (Switzerland) AG

    New York, NY
    1 day ago
  • A leading educational institution is seeking a Director of Information Security to lead its cybersecurity initiatives and risk management program. The role entails strategic oversight and collaboration with executive leadership to develop a comprehensive security framework... 
    Remote job

    National University

    New York, NY
    4 days ago
  • A supportive housing organization in New York City seeks a Director of Operations & Security to manage facilities operations and ensure compliance with safety regulations. The ideal candidate has extensive experience in facilities management and crisis intervention skills... 
    Full time

    Naicany

    New York, NY
    2 days ago
  • Quiltsoftware is seeking an experienced leader in payments risk and fraud operations. In this role, you'll lead underwriting operations and work cross-functionally to ensure compliance while supporting growth for merchants. Ideal candidates will have 8-10+ years in payments... 
    Remote job

    Quiltsoftware

    New York, NY
    3 days ago
  • 3xFintech w Nowym Jorku poszukuje starszego dyrektora ds. ryzyka odpowiedzialnego za zarządzanie ryzykiem w banku. Idealny kandydat powinien mieć ponad 10-letnie doświadczenie w regulowanym banku oraz dogłębną znajomość ryzyk bankowych, takich jak ryzyko operacyjne i pł...
    Remote job

    3xFintech

    New York, NY
    5 days ago
  • Resumonk is seeking a Credit Risk Manager in New York City. This role involves defining and optimizing credit strategies, developing comprehensive credit policies, and managing risk operations. Ideal candidates will have at least 2 years of experience in consumer lending... 

    Resumonk

    New York, NY
    4 days ago
  • Goldman Sachs Bank AG is seeking a Vice President to lead Counterparty Risk within Global Risk Management in New York. You will own risk coverage across trading relationships and deliver clear reporting to senior stakeholders. The role demands 7+ years of experience in... 

    Goldman Sachs Bank AG

    New York, NY
    6 days ago
  • As part of Risk Management and Compliance, you are at the center of keeping JPMorgan Chase strong and resilient. You help the firm grow its business in a responsible way by anticipating new and emerging risks, and using your expert judgement to solve real-world challenges... 

    NCSL International

    New York, NY
    6 days ago
  • $225k - $300k

    Morgan Stanley is seeking a candidate for a key role that involves assessing and managing risk across the Residential and Consumer platform. This position requires extensive expertise in residential mortgage risk management, strong communication skills, and the ability... 

    Morgan Stanley

    New York, NY
    2 days ago
  • $152.29k - $250.2k

     ...models and workflows. The ideal candidate will have over 12 years of experience in data and AI governance, showcasing strong skills in risk management and the ability to influence senior stakeholders. This position is based in New York, with a competitive salary range of... 

    The Guardian Life Insurance Company of America

    New York, NY
    3 days ago
  • w Payoneer , Nowy Jork, Stany Zjednoczone Opis stanowiska Założona w 2005 roku firma Payoneer to globalna platforma finansowa, która ułatwia prowadzenie działalności transgranicznej, a jej misją jest zapewnienie dostępu do rozwijającej się gospodarki światowej przedsię...

    3xFintech

    New York, NY
    6 days ago
  • IT Resources is seeking a Vice President of Risk Mitigation Solutions who will lead the creation of a new fraud prevention business line targeting credit unions and community banks. The ideal candidate will have a strategic mindset, deep expertise in fraud and payments... 
    Remote job

    IT Resources

    New York, NY
    5 days ago
  • Worthland seeks a Lead Risk Manager for Payment Fraud in New York. This role is crucial for shaping the company's fraud management strategy in a rapidly growing fintech environment. You will develop AI-driven detection models and handle high-level analytics, ensuring safety... 

    Worthland

    New York, NY
    3 days ago
  • $297.6k - $360k

    GitLab is seeking a Vice President of Product Security to oversee the integration of security in its AI-powered DevSecOps platform. The role involves leading a global team, driving security architecture, and collaborating with CTO and CISO. Candidates should possess extensive... 
    Flexible hours

    GitLab

    New York, NY
    4 days ago
  • $220k - $255k

    Remote Jobs is seeking a Head of Security Research to lead a team focused on innovating in cybersecurity. This pivotal role requires over 8 years of experience in security engineering and threat hunting, alongside 3+ years in team management. You'll drive product effectiveness... 
    Remote job

    Remote Jobs

    New York, NY
    4 days ago
  •  ...infrastructure, Zenith sits at the intersection of DeFi innovation and global financial markets. Role Summary We are hiring a hands‑on Head of Security to own and build our security posture end-to-end. This is a deeply technical role, not a policy-only or management-only... 
    Contract work

    Framework Ventures

    New York, NY
    4 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Head of Security & Risk. Be the first to apply!