Plus
Включить Plus
Назад
Company hidden
6 часов назад

Technical GRC Expert (Web3)

Тип работы
fulltime
Грейд
middle
Английский
b2
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Technical GRC Expert (Web3): Ensuring GRC frameworks are effectively implemented across infrastructure, SaaS, and cloud environments with an accent on technical risk assessments and security automation. Focus on bridging the gap between compliance and technology through threat modeling, offensive security coordination, and AI-driven reporting.

Company

hirify.global provides a secure platform and network for companies and financial institutions to manage digital assets using blockchain technology.

What you will do

  • Collaborate with R&D and DevOps teams to integrate security into development and deployment processes.
  • Perform technical risk assessments, vulnerability trend analysis, and threat modeling to maintain an accurate security posture.
  • Coordinate offensive security activities, including penetration testing, red teaming, and vulnerability assessments.
  • Automate GRC reporting and surface risk insights using AI, ServiceNow, and Jira.
  • Partner with Security Engineering and IT to ensure endpoint hardening, patch management, and configuration compliance.
  • Manage DR exercises, tabletop simulations, and support internal and external audits such as SOC 2 and ISO 27001.

Requirements

  • 3+ years of experience in GRC, IT Risk, or Security Operations.
  • At least 2 years of hands-on technical experience in system administration, cloud security, or vulnerability management.
  • Strong working knowledge of cloud security (AWS, GCP, or Azure) and endpoint management (Jamf, Intune, CrowdStrike).
  • Proven ability to automate GRC workflows using tools, APIs, and AI.
  • Practical experience designing or testing Disaster Recovery and Business Continuity programs.
  • Strong analytical skills to translate complex technical risks into actionable business terms.

Nice to have

  • Certifications such as CISA, CISM, CISSP, or Security+.
  • Professional background in the financial, digital assets, or other highly regulated sectors.
  • Strong technological understanding and familiarity with product development practices.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →