Global CISO Role Driving Security Strategy

last updated September 22, 2025 0:26 UTC

Xsolla

HQ: On-site

  • OFF: Canada / Remote
  • Full-Time
  • Sales and Marketing

ABOUT US
At Xsolla, we believe that every great game starts with a spark of imagination, fueled by the passion and perseverance of creators worldwide. Our goal is to support these innovators by providing the tools and resources they need to turn their visions into reality. We are dedicated to creating equal opportunities for all developers to share their creations with the world.

Based in Los Angeles and with offices in Berlin, Seoul, and other global locations, we collaborate with top industry names like Valve, Twitch, and Ubisoft to drive innovation in gaming. Our services extend to over 200 regions, offering more than 700 payment options in over 130 currencies.

Longevity. Opportunity. Vision. Enjoy the game!

ABOUT YOU
Xsolla is looking for a seasoned and forward-thinking Chief Information Security Officer (CISO) to lead and expand our global information security and compliance efforts. In this key leadership role, you will be responsible for protecting our products, platforms, infrastructure, and customer data worldwide. Your work will be vital to maintaining the confidence of our partners and users as we continue to grow and innovate in the gaming industry.

Reporting to the CTO, you will collaborate across departments—including executive leadership, engineering, legal, compliance, and product teams—to ensure our security and compliance strategies support our business goals while fostering innovation and agility.

RESPONSIBILITIES

– Develop and continuously improve Xsolla’s company-wide information security and compliance strategy.
– Act as the lead executive for managing cybersecurity risks and incident response.
– Provide strategic advice to the executive team on security priorities and investments.
– Ensure security initiatives align with business goals, legal requirements, and customer trust.
– Build and lead a top-tier security team covering operations, application security, and governance, risk, and compliance (GRC).
– Promote a security-first mindset throughout the organization.
– Manage security across cloud infrastructure (AWS/GCP), SaaS tools, corporate IT, and development environments.
– Integrate secure practices into the software development lifecycle, CI/CD, DevSecOps, and infrastructure-as-code.
– Lead threat modeling, secure code reviews, vulnerability management, and threat detection.
– Maintain a strong incident response and disaster recovery plan.
– Oversee compliance with standards such as PCI DSS, SOC 1/2, GDPR, CCPA, and others.
– Conduct audits, risk assessments, and gap analyses to ensure compliance.
– Work with Legal, IT, and auditors to align policies with evolving regulations.
– Create a company-wide risk management framework for cybersecurity and compliance.
– Select and manage security tools for infrastructure, endpoints, and applications.
– Coordinate with third-party vendors for audits, penetration testing, and other services.
– Implement scalable processes for vulnerability remediation and compliance tracking.
– Communicate security and compliance risks in business terms to leadership and stakeholders.
– Provide regular updates and reports on security status, risks, and compliance to the board.

REQUIREMENTS

– 10+ years of progressive leadership in cybersecurity and compliance, preferably in SaaS or enterprise tech.
– Strong knowledge of cloud-native security (AWS/GCP), application security, data protection, and risk management.
– Hands-on experience managing compliance across multiple frameworks (PCI DSS, SOC 1/2, GDPR, ISO 27001, etc.).
– Proven success in scaling global security programs aligned with business and product strategies.
– Excellent communication and executive reporting abilities.
– Experience implementing secure development and DevSecOps practices in fast-paced environments.

NICE TO HAVE

– Background in gaming, fintech, or B2B platform services.
– Familiarity with tools like Palo Alto Networks, Google Cloud SCC, AWS Security Hub/GuardDuty, or similar.
– Professional certifications such as CISSP, CISM, CCSP, or CISA.
– In-depth understanding of global data privacy laws and international data transfer practices.

COMPENSATION
$110,000 – $300,000 annually
This salary range applies to Los Angeles, CA, and may vary depending on location and experience.

EQUAL EMPLOYMENT OPPORTUNITY
Xsolla is an equal opportunity employer. We embrace diversity and are committed to fostering an inclusive workplace. We do not discriminate based on race, color, religion, sex, national origin, age, disability, sexual orientation, gender identity, or any other legally protected status.

FAIR CHANCE ACT
We consider qualified applicants with criminal histories in accordance with the Fair Chance Act.

BACKGROUND CHECK
For the CISO role, a background check may include:
– Criminal history
– Employment verification
– Education verification

These checks are relevant due to responsibilities involving access to confidential data, regulatory compliance, and financial oversight.

YOUR RIGHTS
Applicants are encouraged to learn about their rights under the Fair Chance Act. For questions, contact careers@xsolla.com.

BENEFITS
We are committed to supporting the well-being of our employees and their families. Our benefits include fully paid medical, dental, and vision coverage, unlimited Flexible Time Off, and personalized career development plans. We invest in training and education to help our team grow professionally and personally. At Xsolla, we’re not just building a company—we’re nurturing a community that values creativity, collaboration, and the power of play.

By submitting your application, you agree to Xsolla processing your personal data for recruitment purposes, in accordance with our Candidate Privacy Notice. For questions about data privacy, contact careers@xsolla.com.
