Fireblocks Jobs

About The Team

The GRC Director will lead the organization's efforts in establishing, implementing, and maintaining a comprehensive governance, risk management, and compliance (GRC) framework tailored to the unique challenges and opportunities of Fireblocks' technology, product, and business environment. 

The GRC director will lead Fireblocks’ global GRC team and will be responsible for the vision and strategic planning, accompanied by budget and KPIs, and developing a comprehensive work plan, consisting of both innovation and operations activities.

What You’ll Do:

1. Governance: Develop and maintain the security governance framework, policies, and procedures to align with industry standards and best practices.
2. ICT Risk Management: Identify, assess, and prioritize security risks to the organization's assets, systems, and data; Implement risk mitigation strategies and controls to minimize exposure to threats and vulnerabilities; Conduct regular risk assessments and provide recommendations for remediation actions; Evaluate and manage security risks associated with third-party vendors and service providers.
3. Compliance: Develop and maintain an effective compliance framework aligned with all applicable laws, regulations, and global industry standards. Ensure compliance with regulatory mandates and reporting requirements, including the timely submission of audit reports and certifications, and coordinate internal and external audits, working closely with audit teams to address findings and implement corrective actions Stay abreast of regulatory developments and advise on compliance strategies relevant to the financial sector.

1. Training and Awareness: Lead cross-discipline educational initiatives to promote a culture of risk awareness and compliance among employees, Third parties, addressing the unique threats and risks of Fireblocks’ business and technological environment. 
2. Customer Assurance: Support the business by cooperating on and complementing operations including sales, contract negotiations and audits, while providing the required assurance and trust to customers and prospects.

3. Stakeholder Engagement: Collaborate with executive leadership and other internal stakeholders to ensure security initiatives are aligned with business objectives.

   Engage with external stakeholders, including regulators, partners, and vendors, on GRC matters. 

   1. Leadership and management of the GRC team - Develop and empower the GRC team and lead by example.
   
   

   What You’ll Bring:

   • Minimum of 10+ years of experience in cybersecurity, with 5+ years in a leadership role.
   • Proven experience in developing and implementing comprehensive GRC programs.
   • Deep understanding of industry best practices, frameworks, standards and relevant regulations (e.g., SOC 2, ISO, NIST, DORA, NIS2, NYCRR 500, GDPR, MAS, etc.).
   • Background in digital assets, fintech or the financial sector is an advantage
   • Experience working in product/SaaS companies and in cooperation with R&D and Product teams, technological understanding and SDLC practices.
   • Visionary and innovation-driven person, capable of executing in an agile manner, and embraces a constantly changing environment.
   • Excellent communication, collaboration, and interpersonal skills.
   • Strong analytical and problem-solving skills.