HQ Digital is hiring a

Web3 IT Cybersecurity Strategist

What is the role?

We are currently hiring an IT Cybersecurity Strategist to work within Digital Currency Group's newest subsidiary. The new subsidiary remains in stealth mode, but will be working with the world’s leading crypto, blockchain, and DeFi entrepreneurs and investors. In this role, you will lead IT and cyber strategies at HQ by designing, implementing, and executing world-class programs to build and protect our systems and infrastructure.

What you have to achieve:

• Optimize the employee experience – improve new hire onboarding and offboarding
• Manage ongoing SSO, Infrastructure and security projects
• Coordinate and own MSP, MSS, and parent company integration, operations, and relationships
• Own quality assurance for IT networking, infrastructure, communications, and support functions
• Own IT and cyber change management process
• Act as a primary internal escalation point, problem solver, and IT and cyber advisor
• Act as a liaison between external IT and security vendors to build, deliver, and manage global cybersecurity and technology protection programs for the enterprise including program playbooks, governance documents, workflows, and processes
• Develop unique, and implement effective IT and cybersecurity strategies for software systems, networks, data centers, and hardware
• Build and maintain secure communication strategies and hygiene that take into consideration DLP, data retention, and tagging
• Own advanced asset, identity, and authentication management and strategy
• Manage full-lifecycle vendor relationships to include gap analysis, requirements, selection, vetting, negotiation, execution, accountability, and termination to meet the highest performance standards and metrics
• Partner with HQ HR, Legal, and other key stakeholders within the DCG team to ensure a safe, secure, and creative place to work for the HQ team
• As a key stakeholder, deliver consistent governance and regulatory compliance – to include GDPR, SEC, FINRA, ISO2700X, and SOC2 certifications

What we expect:

Expertise in IT and Cybersecurity

• 6+ years of documented operational and leadership experience in information technology and cybersecurity roles of increasing depth and complexity, including hands-on execution and management
• Documented experience conducting and managing personal and organizational risk management especially in the areas of IT architecture, IT operations and management, cloud computing, networking, communications, data protection, IT asset management, cybersecurity, and data loss prevention
• Documented experience conducting and managing personal and organizational risk assessment, mitigation, and investigations especially in the areas of insider threat, and hostile targeting
• Ability to consistently execute against tight deadlines with incomplete or ambiguous information in rapidly changing environments as evidenced through documented international crisis management experience
• Domain expertise in AWS, Salesforce, Microsoft Azure and O365, Apple DEP, ITIL, CGEIT
• Experience and deep understanding of security and privacy-by-design principles to include: OWASP, ISO 2700X, SOC2, Cloud Security Alliance, FIPS and other industry standards and best practices
• Domain expertise in disaster recovery and business continuity/resiliency
• Demonstrated ability to manage vendor ecosystem – identify, qualify, negotiate, and manage quality assurance of IT, infrastructure, hardware, and cybersecurity vendors
• Strong existing professional relationships and network in the IT field with the ability to strategically recruit, build, and manage geographically dispersed teams of full-time employees and contractors
• Create interactive online and in-person content to educate employees and help them effectively manage business risk
• Familiarity with DLP tools and secure infrastructure tools such as Zscaler, Proofpoint, Massmailer, SentinelOne, Crowdstrike
• Familiarity with asset management tools such as Meraki or JAMF
• Travel up to 10% (according to relevant national and international COVID-19 safety guidelines)
• More than one professional certification in relevant domains (ISACA, Agile development, Salesforce Certified Development Lifecycle and Deployment Designer, CompTIA, Cloud Architect, IT Audit, PMP, CISSP, CPSE, GPEN, GSEC, CompTIA Security+, CISA, Ethical Hacker, CIPP, etc.) is highly preferred

Solving problems together

• You are a proven collaborator and communicator; you know how to listen and work well with experts across disciplines
• You know how to admit what you don’t know, and how to ask the right people for help
• You thrive working in complex environments with many internal and external stakeholders
• You take privacy and security seriously, and always consider them when developing solutions

Excited to build from scratch

• Comfortable with ambiguity
• A self-starter who proactively builds and solves problems

Apply Now: