Floating Point Group is hiring a

Web3 Information Security Officer

THE ROLE IN A NUTSHELL

We are looking for an experienced, talented information security director to own our operational and informational security architectures. As we execute our go-to-market strategy and continue to rapidly scale, it is imperative that we find someone who will ensure that no matter what scale FPG gets to, security is a cornerstone.

Particularly in the web3 & cryptocurrency industry, best practices are being defined every day- evolving and iterating to meet the needs of new products and new ideas. This is a chance to define the gold standard for the industry.

As an integral designer of our security systems, you will establish the cultural foundation of how we think about security across the organization. You will define our operational security policies, ensure the team and our product adheres to the highest standards, and interface with clients to share with them how we see security.

Not only will you be on the FPG security team, you will be an indispensable member of FPG’s sales and engineering team. You will define operational and cybersecurity policies, helping with product design to ensure security is at the core, and interact with our client base regularly. You will have broad control over internal security and will be responsible for making sure FPG’s security is best in class. We expect that you will be our in-house subject matter expert on security.

What you’ll be doing.

Operational Security (OpSec)

• Take ownership of the company’s operational security policies on all security-related matters.
• Run our regularly occurring internal security audits.
• Coordinate security training, including annual training, new-hire training, phishing tests, social engineering, table-top exercises, and other security-awareness trainings.
• Ensure that the company’s compliance and risk management policies adhere to best practice standards
• Maintain all security-related documentation, including security policies & procedures (including business continuity planning, incident response documents and disaster recovery plans)
• Implement new security projects and initiatives, and maintain existing security solutions

Informational Security (InfoSec)

• Work with our engineers advising on best practices and reviewing how access patterns are setup.
• You don’t need to be a code monkey, but should know your way around Amazon Web Services and architecture diagrams.
• Own security-minded projects (Pen testing, SOC2 compliance)
• Review vulnerability scans and coordinate remediations with the Engineering teams
• Be a central incident response coordinator and forensic investigator for IT and security incidents.
• Must be able to configure, support, and maintain security tools and devices such as firewalls, AWS Cloudtrail, AV software, and patches/upgrades.

Security Branding, Marketing, and Client Interactions

• Meet clients and discuss with them how we think about security
• Perform IT vendor due-diligence and risk assessments for new and existing vendors
• Coordinate IT audit request for financial regulatory audits
• Assist with security and DR/BC questions for client RFPs
• Prepare periodic security KPI reports
• Function as a Subject Matter Expert to the company on all security-related matters

Qualifications

• Bachelor’s degree
• At least 5 years experience in information security, cybersecurity, security architecture and/or risk assessment is required.
• Experience with Incident Management, Vulnerability Scanning, and Identity & Access Management
• Experience with: NIST, firewall configurations, SIEM (Secure information & event management) security solutions.
• Security certifications, such as CISSP, CISM, CISA, and/or CRISC.
• Experience with ISO 27001-2013 security framework
• Experience with Office 365, Google Suite, Apple, AWS architecture and infrastructure.
• Exceptional verbal and written communication and project management skills are required.
• You’re really excited about cryptocurrency and seek out ways to grow your expertise it its cutting edge tech
• The scrappiness and unavoidable pairing of innovation & chaos that happens in startups is one of the most exciting aspects for you
• You prioritize transparency and straight forward communication
• You support distributed ownership, defaulting to team-led initiatives as often as possible
• You don’t take yourself too seriously

Apply Now: