Fireblocks is hiring a

Web3 Cyber GRC Director

The Cyber GRC Director will lead the organization's efforts in establishing, implementing, and maintaining a comprehensive governance, risk management, and compliance framework tailored to the unique challenges and opportunities of Fireblocks technology, product, and business environment. 

Key Responsibilities:

• Governance: Develop and maintain the security governance framework, policies, and procedures to align with industry standards and best practices.
• Cyber Risk Management: Identify, assess, and prioritize security risks to the organization's assets, systems, and data; Implement risk mitigation strategies and controls to minimize exposure to threats and vulnerabilities; Conduct regular risk assessments and provide recommendations for remediation actions; Evaluate and manage security risks associated with third-party vendors and service providers.
• Compliance: Develop and maintain an effective compliance framework aligned with all applicable laws, regulations, and global industry standards. Ensure compliance with regulatory mandates and reporting requirements, including the timely submission of audit reports and certifications, and coordinate internal and external audits, working closely with audit teams to address findings and implement corrective actions. Stay abreast of regulatory developments and advise on compliance strategies relevant to the financial sector.
• Training and Awareness: Lead cross-discipline educational initiatives to promote a culture of risk awareness and compliance among employees, Third parties, addressing the unique threats and risks of Fireblocks business and technological environment.
• Stakeholder Engagement: Collaborate with executive leadership and other internal stakeholders to ensure security initiatives are aligned with business objectives. Engage with external stakeholders, including regulators, partners, and vendors, on GRC matters.
• Leadership and management of the GRC team - Develop and empower the GRC team and will be responsible for the vision and strategic planning, accompanied by budget and KPIs, and developing a comprehensive work plan, consisting of both innovation and operations activities.

Qualifications:

• Minimum of 10+ years of experience in cybersecurity, with 5+ years in a leadership role.
• Proven experience in developing and implementing a comprehensive Cyber GRC program.
• Deep understanding of industry best practices and relevant regulations (e.g., SOC 2, ISO 27xxx).
• Background in financial sector is an advantage.
• Preferable technological understanding and product development practices.
• Visionary and innovation-driven person, capable of executing in an agile manner, and embraces a constantly changing environment.
• Excellent communication, collaboration, and interpersonal skills.
• Strong analytical and problem-solving skills.