SOLANA FOUNDATION
Location
New York, NY
Employment Type Full time
Location Type Hybrid
Department Engineering
Compensation
$200K – $250K • Offers Equity • Offers Bonus
About the Company
Rain makes the next generation of payments possible across the globe. We’re a lean and mighty team of passionate builders and veteran founders. Our infrastructure makes stablecoins usable in the real world by powering card transactions, cross-border payments, B2B purchases, remittances, and more. We partner with fintechs, neobanks, and institutions to help them launch solutions that are global, inclusive, and efficient. You will have the opportunity to deliver massive impact at a hypergrowth company that is funded by some of the top investors in fintech, crypto, and SaaS, including Sapphire Ventures, Norwest, Galaxy Ventures, Lightspeed, Khosla, and several more. If you’re curious, bold, and excited to help shape a borderless financial future, we’d love to talk.
Our Ethos
We believe in an open and flat structure. You will be able to grow into the role that most aligns with your goals. Our team members at all levels have the freedom to explore ideas and impact the roadmap and vision of our company.
What You’ll Do
As CISO, you will own Rain’s security governance, risk, and compliance strategy, with a particular focus on ISO certification and regulatory readiness, while partnering closely with engineering, infrastructure, legal, and operations teams.
Own and drive Rain’s information security and compliance strategy, with a primary focus on ISO 27001 (and related standards) readiness, certification, and ongoing maintenance
Serve as the executive owner for security compliance programs (e.g., ISO 27001, SOC 2, vendor risk, customer security reviews)
Design, implement, and continuously improve Rain’s security governance framework, including policies, standards, and risk management processes
Partner closely with Engineering, Infrastructure, Product, Legal, and Operations to embed compliance and security requirements into technical and business workflows
Lead and manage external audits, certifications, and assessments, acting as the primary point of contact for auditors and assessors
Translate regulatory, customer, and partner security requirements into practical, scalable controls that align with Rain’s architecture and operating model
Own the risk management lifecycle, including risk identification, assessment, prioritization, and executive reporting
Establish and track security and compliance metrics, reporting posture, progress, and risk to executive leadership and the board as needed
Oversee incident response governance, ensuring policies, playbooks, and escalation paths meet compliance and regulatory expectations
You Are Likely to Succeed If You Have:
8–12+ years of experience in information security, GRC, or security leadership roles, with demonstrated ownership of compliance programs
Hands‑on experience leading ISO 27001 certification efforts (initial certification and/or ongoing surveillance audits)
Experience operating as a security leader in a high‑growth, technology‑driven company, ideally in fintech, payments, or regulated environments
Strong understanding of security governance, risk management, and control frameworks (ISO 27001/27002, SOC 2, NIST, etc.)
Proven ability to partner effectively with engineering and technical teams to implement controls in cloud‑native and application‑driven environments
Experience managing third‑party risk, customer security questionnaires, and enterprise security reviews
Ability to clearly communicate risk, tradeoffs, and priorities to executives and non‑technical stakeholders
Bonus Attributes (Nice‑to‑Haves)
Experience with additional frameworks such as SOC 2 Type II, PCI DSS, ISO 22301, or regional regulatory requirements
Prior experience acting as a first or early security leader at a scaling company
Familiarity with cloud security and modern application architectures, even if not hands‑on day‑to‑day
Experience supporting global customers or international compliance requirements
Security or compliance certifications (e.g., CISSP, CISM, ISO 27001 Lead Implementer / Auditor)
Experience presenting security posture or risk assessments to boards or executive committees
Things that enable a fulfilling, healthy and happy experience at Rain:
Unlimited time off
Unlimited vacation can be daunting, so we require Rainmakers to take 10 days minimum for themselves.
Flexible working
☕ We support a flexible workplace. If you feel comfortable at home, please work from home. If you’d like to work with others in an office, feel free to come in. We want everyone to be able to work in the environment in which they are their most confident and productive selves. New Rainmakers will have a stipend to create a comfortable atmosphere at home.
Easy to access benefits
For US Rainmakers, we offer comprehensive health, dental and vision plans for you and your dependents, as well as a 100% company subsidized life insurance plan.
Retirement goals
Plan for the future with confidence. We offer a 401(k) with a 4% company match.
Equity plan
We offer every Rainmaker an equity option plan so we can all benefit from our success.
Rain Cards
We want Rainmakers to be knowledgeable about our core products and services. To support this mission, we issue a card for our team to use for testing.
Health and Wellness
High performance begins from within. Rainmakers are welcome to use their card for eligible health and wellness spending like gym memberships/fitness classes, massages, acupuncture - whatever recharges you!
Team summits
✨ Summits play an important role at Rain! Time spent together helps us get to know each other, strengthen our relationships, and build a common destiny. Expect team and company offsites both domestically and internationally.
Compensation Range: $200K - $250K