Crypto.com is hiring a

Web3 Information Security GRC Analyst

The Cybersecurity and Data Privacy team reports directly under the office of the CISO headed by Chief Information Security Officer (CISO) Jason Lau (https://www.linkedin.com/in/jasonciso/) who has over 23+ years of experience in the cybersecurity space, awarded Global Top 100 CISO, and also serves on the World Economic Forum, International Association of Privacy Professionals and more.

The team comprises of multiple functions from Blockchain Security, Operational Security, Security Governance and Compliance and more. We drive a culture of having a growth mindset and being humble to help everyone achieve their potential. Security and Data Privacy Compliance first strategy which has been at the core of our company. The security team helped to drive us to be the first Crypto company worldwide to achieve ISO27001, ISO27701, ISO22301 and PCI:DSS 3.2.1 (Level 1) certifications. Extremely detailed third party attested by international audit firm SGS and achieved "Adaptive (Tier 4)” – the highest level possible for the US National Institute of Standards and Technology (NIST) Cybersecurity Framework and the latest NIST Privacy Framework as well as SOC2 and many other regional certifications like the Data Protection Trust Mark.

Responsibility

• Support the delivery of global security governance, risk management and compliance strategies
• Support and maintain a security compliance framework across global entities that can align with the company’s compliance and Internal audits requirements
• Support governance over information security policies, processes, standards and procedures
• Participant in regulatory compliance assessment in accordance with regulations and circulars from different countries
• Participant in external and internal audits, such as ISO 27001, NIST, PCI-DSS, SOC 2 Type 1/2 and other security compliance projects
• Involve maturity model and track of information security controls
• Support global security governance and compliance process
• Support security questionnaire from internal/external security audit and organize/document the common answers and approaches for future audits
• Assist security risk management within the business units

Requirements

• Bachelor's degree or higher in information technology, cyber security or related field
• 3+ years of experience in a information security role
• Strong leadership and excellent communication skills
• Understanding of Information Risk, security control, data privacy related regulations (e.g. CCPA, SG PDPA, EU GDPR) within the financial services and banking industry
• Strong knowledge and practical working experiences in delivering global projects of international data privacy and information security frameworks including NIST Cybersecurity & Privacy Framework, ISO 27001, ISO 27701, CIS, SOC 2 Type 1/2 Report, PCI-DSS, ISAE 3000, ITIL, and COBIT as well as experience in IPO and M&A
• Demonstrable work experience delivering effective business and technical security solutions, processes, tools, and high performing teams
• Good working knowledge of the latest information technology security trends and emerging threats is essential
• Experience in implementing risk management principles and methodologies within a security or technology function
• Good project management experience and skills
• Strong analytical and problem-solving skills are must-have
• Having one of the below security or privacy qualification is a plus - CRISC, CISSP, CCSP, CISM, CISA, ISO 27001 Lead Auditor, IAPP CIPP / CIPM, OSCP, SANS
• An understanding of cloud infrastructure technologies and associated risks would be beneficial

#LI-MK1

#LI-Hybrid

Life @ Crypto.com

Work Perks: crypto.com visa card provided upon joining 

Our Crypto.com benefits packages vary depending on region requirements, you can learn more from our talent acquisition team.

About Crypto.com:

Founded in 2016, Crypto.com serves more than 80 million customers and is the world's fastest growing global cryptocurrency platform. Our vision is simple: Cryptocurrency in Every Wallet™. Built on a foundation of security, privacy, and compliance, Crypto.com is committed to accelerating the adoption of cryptocurrency through innovation and empowering the next generation of builders, creators, and entrepreneurs to develop a fairer and more equitable digital ecosystem.

Learn more at https://crypto.com. 

Crypto.com is an equal opportunities employer and we are committed to creating an environment where opportunities are presented to everyone in a fair and transparent way. Crypto.com values diversity and inclusion, seeking candidates with a variety of backgrounds, perspectives, and skills that complement and strengthen our team.