Offres d'emploi

The Chief Information Security Officer is a senior executive responsible for designing, implementing, and operating enterprise-wide information security, cybersecurity, AI governance and resilience programs commensurate with a highly complex, global family office and investment functions. This role has materially expanded beyond traditional family office CISO due to operational complexity of securing an internal trade execution pipeline, increasing reliance on cloud-native platforms, CI/CD-driven engineering workflows, and AI-enabled systems. This position reports to the Chief Risk and Security Officer and will serve as a strategic partner to senior leadership across Investment, Trading, Technology, Compliance, Legal, and Operations, ensuring that information & cyber security enable the business while protecting sensitive financial, personal, and intellectual assets. The role requires deep financial-sector expertise, hands-on understanding of modern software delivery (SDLC/CI-CD), and strong leadership in AI governance, risk management, business continuity and security.

Day-to-day responsibilities would include a combination of the following:

• Enterprise & Financial Security Leadership
  • Own the enterprise information security & cybersecurity strategy across Dalio Family Office entities, including offices and personnel operating in the US, Singapore and Abu Dhabi.
  • Design and operate information security controls aligned with financial-sector expectations for confidentiality, integrity, availability, and market integrity.
  • Provide oversight and assurance for systems supporting trading, portfolio management, research, treasury, and middle/back-office functions.
  • Advise senior leadership and principals on cybersecurity, operational risk, monitoring and systemic risk exposures relevant to investment activities.
• Trade Execution Pipeline Security
  • Lead security architecture and control design for the DFO trade execution pipeline, including integration with OMS, prime brokerage, custodians, and middle/back-office platforms.
  • Ensure appropriate preventative, detective, monitoring and responsive controls across the full trade lifecycle and proactively working with the Insider Risk & Investigations team.
  • Partner closely with Trading, Investment Engineering, Finance, Data Protection Officer and Compliance to align security with regulatory, audit, and operational requirements.
  • Establish controls for privileged access, segregation of duties, data lineage, logging, monitoring, and incident response in trading workflows.
• SDLC, CI/CD & Engineering Security
  • Own application security and DevSecOps strategy across cloud and on-prem environments.
  • Embed security & AI controls into SDLC and CI/CD pipelines, including code scanning, dependency management, secrets management, environment isolation, and release governance.
  • Partner with Engineering leaders to balance delivery velocity with robust security outcomes.
  • Oversee vulnerability management, penetration testing, and remediation programs aligned to business risk.
• AI Governance, Risk & Security
  • Establish and lead AI governance frameworks covering internal and third-party AI systems.
  • Assess and manage AI-related risks including data leakage, model misuse, IP exposure, bias, explainability, and regulatory compliance.
  • Approve AI use cases involving sensitive data, financial information, or decision-making processes.
  • Partner with Legal, Compliance, and Risk to ensure AI controls are defensible, auditable, and aligned with emerging regulations and industry standards.
• Cyber, Insider & Third-Party Risk Management
  • Own enterprise cyber risk management and third-party risk due diligence & oversight in close coordination with the procurement team.
  • Manage and govern all critical security vendors, including MDR, MSSPs, and other managed security providers.
  • Ensure continuous security monitoring and incident response coverage across all Dalio Family Office entities and global locations, including the U.S., Singapore, and Abu Dhabi.
  • Approve risk acceptances, compensating controls, and exceptions through documented, defensible processes.
  • Oversee security operations, monitoring, detection, and incident response across global environments.
  • Act as incident commander for significant cyber domain events, including escalation to senior leadership.
• Governance, Audit & Regulatory Readiness
  • Ensure security program alignment with financial industry best practices (ISO 27001, NIST, SOC 2, hedge fund / family office expectations).
  • Support internal and external audits, examinations, and due diligence requests.
  • Develop and maintain security policies, standards, playbooks, and executive reporting.
  • Provide clear, concise, and decision-grade reporting to senior leaders and trustees.
• Leadership & Organizational Development
  • Build, lead, and mentor a high-performing global information & cybersecurity security team.
  • Foster a culture of risk awareness, accountability, and security-by-design across the organization.
• Additional duties as assigned

The ideal candidate will possess the following knowledge, skills, attributes, and values:

• Prior experience in family office, hedge fund, or highly confidential investment environments.
• Hands-on experience with cloud platforms (Azure, AWS, GCP) and security tooling.
• Experience supporting global operations across the U.S., Middle East, Europe, and Asia.
• Demonstrated success scaling information and cybersecurity security programs in fast-moving, high-trust organizations.

Illustrative Benefits:

• 100% company paid medical premiums
• 17 company paid holidays
• Friday summer hours
• Monthly community happy hours
• Hybrid work environment
• Free catered food services for in-office days
• Generous PTO offering
• Casual dress code
• 150% 401(k) match up to $7,500 and 100% match above $7,500 ($15k match limit)
• Gym reimbursement, back up childcare services, insurance, financial, and legal services, and much more!

Qualifications:

• No less than 15 years of progressive experience in cybersecurity, information security, or technology risk as well as ISO 27001 and SOC2.
• At least 5 years operating as a senior security leader within the financial sector or relevant adjacent sector (e.g., hedge funds, private investment firms, banks, fintech, or asset managers).
• Demonstrated recent experience securing trade execution, market-facing systems, or highly sensitive financial platforms.
• Deep understanding of SDLC, CI/CD pipelines, cloud-native architectures, and modern engineering practices.
• Proven experience designing and operating AI governance, risk, and security programs.
• Strong executive communication skills with experience advising principals, boards, or senior leadership.
• Bachelor's degree in information security, Computer Science, Engineering, or related field required.
• Ability to travel domestically and internationally approximately 10% of the year.
• Preferred Qualifications:
  • Advanced degree (MBA, MS) or relevant certifications (CISSP, CISM, CCSP, ISO 27001 Lead Implementer)

Compensation for the role includes a competitive salary in the range from $405,000 -$655,000 (inclusive of a merit-based bonus, dependent on years of experience, level of education obtained, as well as applicable skillset) and an excellent benefits package, including paid time off ranging from 15 to 25 days based on years of service, paid sick and safe leave, dental, vision, life and disability insurance, paid parental time off, birth mother recovery pay, sick family member pay, parental ramp back up program, gym reimbursement and generous employer match for 401k.

Please note we are unable to provide immigration sponsorship for this position.

At the DFO, we believe our biggest asset is our people. We are proud to be an equal opportunity employer, hiring and developing individuals from diverse backgrounds and experiences to add to our collaborative