Crypto.com is hiring a

Web3 Cyber Security Incident Response Lead (US)

Founded in 2016, Crypto.com today serves over 10 million customers with the world’s fastest growing crypto app, along with the Crypto.com Visa Card — the world’s largest crypto card program — the Crypto.com Exchange and Crypto.com DeFi Wallet. Recently launched, Crypto.com NFT is the premier platform for collecting and trading NFTs, carefully curated from the worlds of art, design, entertainment and sports.
Crypto.com is built on a solid foundation of security, privacy and compliance and is the first cryptocurrency company in the world to have ISO/IEC 27701:2019, CCSS Level 3, ISO27001:2013 and PCI:DSS 3.2.1, Level 1 compliance, and independently assessed at Tier 4, the highest level for both NIST Cybersecurity and Privacy Frameworks.
With over 2,600 people in offices across the Americas, Europe and Asia, Crypto.com is accelerating the world’s transition to cryptocurrency. Find out more: https://crypto.com

Description

As a Cyber Security Incident Response Lead at Crypto.com, you will be leading the Cyber Security Incident Response Team (CSIRT) in the Cyber Fusion Center (CFC) to develop the Cyber Security Incident Response program.

Responsibilities

• Lead a team of high-performing incident responders
• Understand the incident response requirements in all the operating regions, and make sure the local incident responders can fulfill the requirements
• Cooperate with different teams like compliance team, application monitoring team, devops team, legal team, HR, etc to come up with a company incident response plan
• Strategic development and implementation of incident response process improvements
• Maintain an internal security incident registry by following framework like VERIS
• Lead self-assessment activities like incident response drills, table-top exercises, attack simulations and purple team exercises
• Keep in sync with the 7/24 monitoring team, making sure that the detection and incident escalation flow work effectively
• Manage the technology, people and process of the CSIRT
• Keep track on the CSIRT performance by developing Key Performance Indicators
• Develop and maintain the incident response playbooks and runbooks, make sure they are up to date and adaptive to the company changes
• Deliver accurate and timely security investigations and responses.
• Document incidents from initial detection through final resolution
• Lead and communicate post-incident activities, including the improvement plan, and make sure they can be delivered
• On-call will be required in case of security incidents.

• 2+ years in leading an incident response team
• 5+ years information security hands-on experience, preferably as part of SOC/CFC/IR team
• Knowledge of regulatory and compliance requirements like GDPR, MAS, PSD2 etc is a must; experience of working with authorities is a plus
• Experienced with processes, tools, and techniques in incident response and forensic investigations
• Proven experience with investigating endpoint, network and cloud security incidents following well-known industry standards. Framework or benchmark (e.g. MITRE, NIST, SANS, CIS)
• In-depth understanding of different security tools - NGFW, EDR, IDS/IPS, EDR, DLP and more.
• Ability to lead projects such as security controls evaluation, incident response runbook development for different SaaS, etc.
• Good understanding of DevSecOps and cloud technologies
• Ability to recruit, mentor, lead and build a success path for highly quality team individuals and work as a team.
• Ability to take decisions and manage critical incidents under pressure
• Excellent interpersonal skills with the ability to engage and discuss technical and business risk caused by security issues with business and legal partners at all levels
• Holders of security related certifications is a plus (e.g. CISSP, GCIH, GCIA, GCFA, GNFA, GREM, or other equivalent)

• We offer an attractive compensation package working in a cutting-edge field of combining cryptocurrency and financial services.
• Huge responsibilities from Day 1. Be the owner of your own learning curve. The possibilities are limitless and depend on you.
• You get to work in a very dynamic environment and be part of an international team.
• Flexible working.

Apply Now: