Coins.ph is hiring a

Web3 Security GRC Specialist (PH)

We are one of the earliest and largest crypto platforms in Southeast Asia offering exchange and wallet services to our users. Our product lineup also includes electronic payment service and e-wallet. Through our wallet, users can send money to anyone, pay for bills, shop online at over 100,000 merchants, receive money transfers from 200+ countries even without a bank account, and of course view and purchase cryptocurrencies.

What you will do

• Define, manage and update company's information security policies, standards, and processes in coordination with different business functions to protect infrastructure, business-critical data and customer information
• Ensure policies are consistently applied across company and monitor adherence to the defined governance principles to ensure expected value is delivered
• Serve as a SME on information security regulations and advise employees and management on information security requirement and recommendations
• Plan and deliver security awareness trainings and other awareness activities to the company’s employees
• Develop and enhance relationships with Business and Technology stakeholders to understand current challenges and establish a GRC framework to manage risk and compliance levels
• Coordinate and execute IT / IS risk assessments and reviews, providing risk-based recommendation and track the implementation of risk mitigation to completion
• Work with Tech team to develop and test IT business contingency and disaster recovery plans
• Liaise directly with Compliance and various backend Technology teams on regulator inspection, regulatory reporting, external audit, security certificate programs, and internal audit projects to assure compliance with financial regulations
• Coordinate and perform compliance activities and checks
• Conduct and manage external security due diligence checks and 3rd security risk management program that covers onboarding to off boarding
• Communicate and report to management, present security risks and recommendations in Risk Management Committees (RMC)
• Manage and track the company overall security program, projects and KPIs against the defined security roadmap and framework

Preferred qualifications:

• BS/MS in Computer Science / Cybersecurity with 5 years and above relevant experience in cyber security or information technology risk management in the banking / financial industry
• Proven experience in running security compliance programmes
• Experience maintaining information security standards and regulations such as NIST CSF, PCI DSS, ISO27001, GDPR, Philippines BSP, MAS TRM and other regulations
• Excellent relationship building and communication skills with the ability to engage people from diverse cultures and different levels
• Strong stakeholder management skills, with regional experiences to leverage on regional knowledge and resources
• Excellent planning and organizational skills with an ability to meet tight deadlines
• Good knowledge of cloud computing, networking, OS and its security aspects
• Proficient in English and Mandarin is a must to communicate with stakeholders from within the organisation
• CISSP, CISA, CRISC certifications will be an added advantage

What we offer

• Hybrid work set-up, with offices located in Ortigas, Pasig and BGC;
• Friendly geo distributed team of experienced professionals, who happily joined us after working in well-known IT/product companies and perspective startups;
• Work and collaborate effectively with cross-functional compact teams which are constantly improving their tools, pipelines and working environment;
• Customer-driven development: we don't develop features without listening to our customers, each step makes the product more convenient, useful, secure and reliable for our users;
• Professional growth: we invest time and money in your career by sponsoring IT conferences, courses and trainings;
• Paid medical insurance, technical equipment at choice;
• Paid Sick and Vacation Leaves upon regularization. 

$3,000 - $5,000 a month