Head of Security & Risk at M0 answer
Is this job still open?
GMI Jobs is currently showing this Head of Security & Risk role at M0 as an active listing from employer-controlled hiring sources. Always confirm final availability on the employer application page before applying.
How do I apply for this role?
Use the application link on this page to apply directly with M0. GMI Jobs keeps the canonical job page, company context, and market links together so candidates can compare before leaving the site.
What should I compare before applying?
Compare the role location (NYC or Remote, USA), any listed pay signal, company profile, related crypto jobs, and salary context before applying. Listed pay signals are not guaranteed offers; confirm compensation with the employer.
Job Description
<p><strong>Intro</strong></p>
<p>M0 is the shared infrastructure where businesses launch their own branded stablecoins and financial institutions power them. Built on a common standard, every stablecoin on M0 is interoperable and liquid from day one – giving businesses programmable control over how money moves in their ecosystems, and giving financial institutions the most advanced issuance stack in the industry.</p>
<p>M0 is seeking a sharp, execution-focused Head of Security &amp; Risk to build and own the information security and risk function from the ground up. This is a foundational IC role at a critical inflection point for the company – M0 is onboarding regulated institutional partners, expanding its on-chain liquidity solutions, and operating infrastructure that regulated entities depend on. The information security and risk posture we establish in the next 12 months will define how M0 is perceived by partners, regulators, and institutional investors for years to come.</p>
<p><strong>About the Role</strong></p>
<p>Reporting to Deputy COO, you will be M0’s first dedicated information security and risk professional – responsible for building the enterprise risk management program, owning the information security compliance certification roadmap, establishing the security operations framework, and responding to partner security due diligence requests. You will work daily across engineering, product, legal, BD, and operations to ensure that M0’s security posture is proactive, documented, and defensible.</p>
<p><strong>Key Responsibilities</strong></p>
<ul>
<li><strong>Build and Own Enterprise Risk Management</strong>: Build M0’s enterprise risk program from scratch. Cover security, operational, regulatory, and counterparty risk, including the risk register, annual assessments, scenario analyses, and escalation framework across all entities.</li>
<li><strong>Own the Information Security Compliance Certification Program</strong>: Own M0's compliance posture across SOC 2, ISO 27001, and other applicable frameworks — driving all non-technical workstreams (policy writing, auditor coordination, vendor risk, access reviews, third-party SaaS vendor evaluations) and keeping the organization audit-ready at all times.</li>
<li><strong>Establish the Information Security Operations Framework</strong>: Design and maintain M0's incident response framework, ISMS documentation, and security policies — own external security vendor relationships, facilitate tabletop exercises covering IR, BCP, and DR scenarios, and drive the selection of a security advisory firm for on-call support.</li>
<li><strong>Own Partner Information Security Due Diligence</strong>: Serve as M0's primary point of contact for institutional partner security due diligence an