Chief Information Security Officer

Role Overview

We are looking for a Chief Information Security Officer (CISO) to join our team managed out of the Luxembourg office.

This role is designed for a security leader who is ready to hold formal CISO accountability from day one, while building and maturing the information security function over time. The CISO will operate within a supported governance model, working closely with executive management, compliance, legal, and external security partners.

The scope of the role is expected to scale progressively as STOKR grows, making this an excellent opportunity for a senior security professional stepping into a first or early CISO position in a regulated crypto-asset environment.

Key Responsibilities

• Hold formal accountability as Chief Information Security Officer for STOKR, including responsibility for the information security framework and related regulatory expectations.
• Define, maintain, and progressively mature STOKR’s information security strategy in alignment with MiCA and DORA requirements.
• Own the information security risk management framework, including risk identification, assessment, mitigation planning, and documentation.
• Oversee security aspects of blockchain infrastructure, custody and wallet solutions, and cryptographic key management, in coordination with internal teams and external experts.
• Ensure appropriate security governance over crypto and fiat payment rails, stablecoin flows, and the digital securities lifecycle.
• Work closely with compliance and legal teams on regulatory filings, audits, and supervisory interactions related to information security.
• Support and participate in interactions with national competent authorities on security-related matters, under executive oversight.
• Coordinate incident response processes, including investigation, documentation, and contribution to regulatory notification obligations.
• Oversee business continuity and disaster recovery planning in line with DORA and operational resilience standards.
• Coordinate vulnerability management, penetration testing, and security monitoring activities, leveraging external service providers where appropriate.
• Oversee the security posture of critical third-party service providers and vendors.
• Act as the primary internal point of contact for information security matters for executive management and, where required, the board.

Skills and Experience

• 7–10+ years of experience in information security, including experience in regulated financial services, fintech, or crypto-asset environments.
• Experience operating in a formal security accountability role (e.g. CISO, Deputy CISO, Head of Information Security, or equivalent).
• Strong technical understanding of blockchain security concepts, digital asset custody, wallet infrastructure, and cryptographic key management.
• Working knowledge of MiCA ICT security and operational resilience requirements; familiarity with DORA is a strong advantage.
• Experience working with security frameworks such as ISO 27001, SOC 2, or similar.
• Experience coordinating audits, security assessments, and regulatory reviews.
• Solid technical foundations in secure development practices, access controls, encryption, cloud security, and incident response.
• Relevant certifications (e.g. CISSP, CISM, CRISC) are an advantage but not mandatory.
• Strong communication skills, with the ability to explain security risks clearly to non-technical stakeholders.
• Fluent in English (written and spoken). French is a plus.

What We Offer

• A formal CISO role within a regulated and supervised crypto-asset platform.
• A clear opportunity to grow the CISO function, scope, and team as the company scales.
• Exposure to real-world tokenization, Bitcoin-based infrastructure, and regulated digital securities.
• Close collaboration with executive management on strategic and regulatory topics.
• A flexible and trust-based working environment with real ownership and impact.
• The opportunity to shape security foundations in a fast-evolving industry.

Sounds interesting? Then we are looking forward to receiving your application.

Explore our platform and learn more about what we do at www.stokr.io.