Head of Information Security

Institutional Fabric for the Digital Asset Market

Founded in 2018, Talos provides institutional-grade trading technology for the global digital asset market, powering many of the major players in the crypto ecosystem.  

Our mission at Talos is clear: to advance the mass adoption of digital assets by seamlessly connecting institutions to the digital asset ecosystem. We are committed to building the most innovative and trusted platform in the world, supporting the entire trading lifecycle.

At Talos, you'll find an environment that champions kindness and respect, values diverse perspectives, and upholds inclusivity at every turn. We believe that every member of our team adds invaluable insights and abilities that drive Talos forward. In our pursuit of excellence, we foster a culture of trust and integrity, collaboration, and mutual growth. Together, we are ambitiously building something extraordinary. Your unique talents and insights will play a crucial role in our shared success.

We are a tight-knit but decentralized team of highly-experienced engineers and businesspeople. We have a hybrid-friendly work environment, with physical hubs in New York, London, Singapore, Sweden and Cyprus.

About the Role

We are seeking a strategic and hands-on Head of InfoSec to lead our cybersecurity initiatives with a strong emphasis on governance, risk management, and compliance (GRC). This role is critical in shaping and enforcing security policies, driving enterprise-wide risk management, and ensuring ongoing compliance with frameworks such as SOC 2, ISO 27001, and other regulatory requirements. The ideal candidate is not only a technical expert but also a business-savvy leader who can align security strategy with organizational goals.

Key Responsibilities & Duties

Governance, Risk & Compliance:

• Develop, implement, and maintain the company’s information security governance framework.

• Lead the strategy and execution for security compliance initiatives including SOC 2, ISO 27001, NIST, and other relevant standards.

• Oversee and manage the enterprise risk management program, including identification, assessment, and mitigation of information security risks.

• Regularly report to executive leadership and the board on security risks, compliance status, and incident responses.

External Engagement:

• Confidently represent Talos in security conversations with tier-one financial institutions, prospects, and auditors. Lead responses to DDQs, participate in client security reviews, and act as a trusted partner in navigating complex enterprise and regulatory expectations.

Security Operations:

• Provide oversight and strategic direction for the Security Operations Center (SOC).

• Monitor and respond to cybersecurity threats, incidents, and vulnerabilities.

• Ensure incident response and disaster recovery plans are current, tested, and effective.

• Implement and maintain security tools, processes, and technologies to protect data and infrastructure.

Policy & Architecture:

• Establish and enforce company-wide information security policies and standards.

• Collaborate with IT and engineering teams to integrate secure development practices and secure architecture reviews.

• Evaluate and recommend security solutions that align with business needs and reduce organizational risk.

Training & Awareness:

• Lead company-wide security awareness training programs.

• Foster a culture of security across all departments through education and engagement.

Requirements

• 10+ years of experience in cybersecurity, with 5+ years in a senior leadership role (CISO, VP of Security, or equivalent).

• Deep knowledge of governance frameworks and compliance standards (e.g., SOC 2, ISO 27001, HIPAA, NIST, GDPR).

• Proven experience managing or leading successful SOC 2 audits and other regulatory/compliance initiatives.

• Confident engaging with auditors and enterprise clients; experience representing security to financial institutions.

• Strong understanding of enterprise risk management methodologies.

• Technical background with knowledge of security operations, threat intelligence, and secure architecture.

• Experience working in or with cloud-native environments (AWS, Azure, GCP).

• CISSP, CISM, or similar certifications strongly preferred.

• Excellent leadership, communication, and stakeholder management skills.

Qualifications

• Experience in SaaS, FinTech, HealthTech, or other highly regulated industries.

• Familiarity with security and privacy laws globally (e.g., CCPA, GDPR).

• Strong project management and documentation skills.

• MBA or relevant advanced degree is a plus.

Reasons you should apply:

• You're a security leader who can balance business risk with technical rigor in high-stakes environments.

• You have direct experience with audits, compliance frameworks (SOC2, ISO 27001, GDPR, DORA), and regulatory engagement.

• You're comfortable leading both strategy and hands-on execution, including during incidents and client escalations.

• You thrive in fast-paced, ambiguous environments where you need to build structure, not just operate within it.

Reasons you shouldn't apply:

• You prefer rigid security models over pragmatic, business-aligned decision making.

• You want a purely internal role without engaging with clients, regulators, or executive leadership.

• You need heavy process, formal hierarchy, or predefined roadmaps to operate effectively.

• You lack experience leading security functions in regulated or high-trust industries.

Benefits 

You will also enjoy a comprehensive array of competitive benefits, regardless of your location, within our warm, welcoming, and ambitious company culture. Our offerings include a monthly wellness credit for personal use, such as gym memberships, massages, or even a ski pass for your next holiday. Additionally, we provide paid lunches in the office, monthly fitness and evening socials to foster connections with colleagues, and annual offsite events to engage with the wider team.

Get In Touch!

Sounds compelling?  We’d love to hear from you.  Contact us directly.

Also, check out other open positions listed on our website.

Talos is proud to be an Equal Opportunity employer.  We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.  Talos is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process.  If you need any assistance or accommodations due to a disability, please let us know at careers@talos.com.

To protect the interests of all parties, Talos Trading, LLC and its affiliates (“Talos”) strongly discourage submission of unsolicited resumes from any source other than directly from a candidate.

Talos will NOT pay fees, commissions or compensation of any kind (“Fees”) for any placement or hire resulting from the receipt of an unsolicited resume. Talos will consider any candidate for whom an Agency has submitted an unsolicited resume to have been referred by the Agency free of any charges or fees and Talos reserves the right to contact, interview, and hire the candidate directly.

Agencies, search firms, recruitment firms and similar organizations (“Agencies”) must obtain advance written approval from Talos’s internal recruiting team to submit resumes, AND must sign a valid fully executed placement agreement with Talos in order to be eligible to receive any Fees from Talos. Talos will not pay a Fee to any Agency that does not have such agreement in place.  By submitting a resume without a signed agreement, you acknowledge and accept these terms.

© Talos Trading, careers@talos.com

By submitting your application and pursuing job candidacy, you consent to the processing of your personal information in connection with our Applicant & Employee Privacy Notice.