Blockchains will only consider candidates who reside in the U.S. and do not require any VISA support.
In the new and exciting world of the decentralized internet, otherwise known as Web3, it is an individualâs fundamental right to own and control their digital identity. To ensure that the individual is paramount in Web3, we are developing a suite of applications to enable everyone to safely engage, take part, and transact in the emerging, decentralized world of the internet. Our platform centers on Web3 Identity and leverages that identity to provide individuals with secure digital asset storage and recovery, access to decentralized finance, the ability to prove ownership of their creations, and gateways to digital interactions and experiences â all to empower and benefit every Web3 user.
We believe that the decentralized nature of Web3 creates an opportunity for everyone to challenge the digital status quoâto own and control their identity, data, finances, creations, and future. This is the chance to get it right â to rally a movement of individuals so Web3 belongs to everyone, not to trillion-dollar companies. To fulfill this vision, we are seeking dynamic people who want to join us in leading the way to this new world.
WHAT YOU WILL DO
As a key member of Governance, Risk and Compliance (GRC), you will be critical to the buildout of the team and function with cross-organizational impact. Job One will be to stand up the GRC platform for information-technology and third-party risk management and to mature, respectively, ITRM and TPRM as essential GRC focus areas. Based on the foundational skills in ITRM and TPRM that you bring to Blockchains, you will drive partner compliance, too, among other day-to-day activities and strategic initiatives.
- Build GRC platform
- Build and maintain the GRC platform with priority programmatic capture of Cyber/IT assets and risks, timely analysis to enable risk control, and robust reporting.
- Drive platform automation of TPRM process, including self-service questionnaires and evidence uploads, evaluation of results and facilitated workflow for analysis and reporting.
- Expand day-to-day GRC activities
- Drive data acquisition, analysis and reporting on prospective third-party partners and vendors to ensure risks are identified with recommended controls and monitoring in place.
- Facilitate Cyber Awareness Training curriculum, evaluation of assessments, periodic reporting and expansion of program goals and impact.
- Drive Partner Compliance and other GRC initiatives
- Catalyze process and procedural alignment of internal teams to ensure our own and to monitor strategic partnersâ compliance with engagement terms, escalating risks with recommended mitigations, and directing efforts to ensure synergy, compliance.
- Take up and advance other cross-functional projects of GRC import once the platform and day-to-day rudiments are mastered, and grow with the role while growing the function.
WHAT YOU WILL NEED TO SUCCEED
Focused delivery of specified outcomes, often within tight timeframes, is essential â desirably with minimal supervision and a commitment to communicate. You demonstrate big picture grasp with keen attention to detail; self-directed technical savvy, preferably with cybersecurity certification(s); and effortless interaction and native partnering with different personality types across professional functions both inside and outside the organization.
YOUR EDUCATION AND EXPERIENCE
This role requires a bachelorâs degree.
You will have the following experience:
- Governance: at least five years of experience in IT and cybersecurity or enterprise governance, no fewer than three of which have included drafting, for example, policies, plans, standards and protocols, processes and procedures, playbooks and the like.
- Risk: no fewer than four years working with authoritative standards for IT and cybersecurity risk and controls, including SP 800-53 r5 and 800-37 r2 or ISO 27000 Series and 31000:2018, applied in ITRM and TPRM.
- Compliance: three years or more of experience conducting risk assessments/due diligence on strategic partners and managing across functions to ensure compliance with contractual terms and operational standards.
Blockchains, Inc. (âBlockchainsâ) is proud to be a diverse workforce, and we are committed to inclusion and diversity to ensure equal opportunity for all applicants. Blockchains provides equal employment opportunities to all employees and applicants regardless of race, color, religion, sex, sexual orientation, gender identity and/or expression, national origin, age, marital status, physical or mental disability, veteran status, or any other characteristic protected by federal, state, or local laws.
When you apply to a job on this site, the personal data contained in your application will be collected by Blockchains, Inc. (âControllerâ), which is located at 610 Waltham Way, Sparks, NV 89437 and can be contacted by emailing [email protected]. Controllerâs data protection officer is Edward O'Connor, who can be contacted at [email protected]. Your personal data will be processed for the purposes of managing Controllerâs recruitment related activities, which include setting up and conducting interviews and tests for applicants, evaluating and assessing the results thereto, and as is otherwise needed in the recruitment and hiring processes. Such processing is legally permissible under Art. 6(1)(f) of Regulation (EU) 2016/679 (General Data Protection Regulation) as necessary for the purposes of the legitimate interests pursued by the Controller, which are the solicitation, evaluation, and selection of applicants for employment.
Your personal data will be shared with Greenhouse Software, Inc., a cloud services provider located in the United States of America and engaged by Controller to help manage its recruitment and hiring process on Controllerâs behalf. Accordingly, if you are located outside of the United States, your personal data will be transferred to the United States once you submit it through this site. Because the European Union Commission has determined that United States data privacy laws do not ensure an adequate level of protection for personal data collected from EU data subjects, the transfer will be subject to appropriate additional safeguards under [either the standard contractual clauses or the Privacy Shield]. You can obtain a copy of the standard contractual clauses by contacting us at [email protected].
Your personal data will be retained by Controller as long as Controller determines it is necessary to evaluate your application for employment. Under the GDPR, you have the right to request access to your personal data, to request that your personal data be rectified or erased, and to request that processing of your personal data be restricted. You also have to right to data portability. In addition, you may lodge a complaint with an EU supervisory authority.