Crypto.com is hiring a

Web3 Information Security & Compliance Manager (US) - M&A

About Crypto.com

Crypto.com was founded in 2016 on a simple belief: it's a basic human right for everyone to control their money, data and identity. With over 10 million users on its platform today, Crypto.com provides a powerful alternative to traditional financial services, turning its vision of "cryptocurrency in every wallet" into reality, one customer at a time. Crypto.com is built on a solid foundation of security, privacy and compliance and is the first cryptocurrency company in the world to have ISO/IEC 27001:2013, ISO/IEC 27701:2019, and PCI:DSS Level 1 Service Provider compliance, as well as NIST CSF & PF Tier 4 maturity. Crypto.com is headquartered in Hong Kong with a 3000+ strong team.

For more information, please visit www.crypto.com.

About the Role

Crypto.com is seeking a motivated and driven individual to join our Information security and compliance team focused on Mergers and Acquisitions. The Information Security & compliance Manager is a project leader focused on providing expert consultation and relationship management specific to M&A activity with a specific focus on Cybersecurity integration and regulatory compliance and certifications. This position partners with key IT stakeholders, steering committee members, project and integration teams, technical leads, third parties and customers. You are also required to address and review compliance gaps and take major role of giving recommendations and supporting on remediation activities. You will also be trusted to provide technical advice to ensure that security compliance requirements are met throughout all business units.

Job Responsibilities

• Manage the full life cycle of day-to-day security integration activities including coordination of detailed functional plans, communication with key stakeholders, and issue resolution. Create awareness of cross- functional inter-dependencies and establish prioritization for plan execution to minimize disruption on daily operations.
• Enforce and improve existing due diligence and security integration methods with inputs from core corporate security & compliance team in order to comprehensively assess the target organization's technical environment, security posture and capabilities, and inherit internal and third-party risks. Capture best practices and lessons learned throughout the due diligence period for continuous improvement for future acquisitions.
• Participate in internal and external security and privacy assessments, collecting data inventory and evaluate systems for security monitoring to track effectiveness of security controls in considering organizational security posture
• Prepare draft in integration strategy plans to minimize risk of security gaps of M&A projects.
• Perform security compliance activities, including conducting annual and project risk & control assessments and third-party assessments, and managing remediation activities.
• Design, document and update necessary control required to comply with international standards and local regulations.
• Evaluate technical and organizational controls to ensure effectiveness and compliance, including managing the control remediation efforts.
• Ability to weigh business needs against security concerns and recommends necessary changes to enhance information systems security

• Strong leadership skills and ability to work effectively with a multi-disciplinary set of stakeholders across different levels and with minimal supervision
• Strong understanding of the business impact of security tools, processes and policies as well as high proficiency in how to assess risk and business impact. Solid analytical skills and understanding of processes, technology and operational concepts
• Highly motivated and demonstrated ability and desire to work in a fast-pace and dynamic working environment
• Technical knowledge of IT processes to include configuration management, networking, database management, application coding, availability, data center operations, etc.
• Strong experience in information security, IT audit or IT risk management related roles
• Prefer experience with any of the following: ISO27001 and ISO27701 standards, and data protection regulations and requirements
• Holders of security-related certifications/qualifications will be an advantage (CISSP, CRISC, CISM, CISA, ISO27001 LA, CIPT, CIPP/E, etc.)
• At least 5+ years of relevant security technology experience, in which 2+ years’ experience supporting M&A activities in a Business or IT role

Preferred:

• Be a friendly team player with a positive attitude
• Demonstrate a strong commitment to personal learning and development
• Detail minded with an analytical mindset
• Good communication skills with an ability to explain complex technical issues to non-technical business users
• Prior experience with project management
• Interest and understanding of Blockchain beneficial but not mandatory
• Proficiency in both spoken and written English

• We offer an attractive compensation package working in a cutting-edge field of combining cryptocurrency and financial services.
• Huge responsibilities from Day 1. Be the owner of your own learning curve. The possibilities are limitless and depend on you.
• You get to work in a very dynamic environment and be part of an international team.
• Flexible working.

Apply Now: