Senior Technology and Security Risk Manager (Web3)
Вакансия из Hirify Global, списка международных tech-компанийДля мэтча и отклика нужен Plus
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Senior Technology and Security Risk Manager (Web3): Managing the second line of defense (2LOD) for technology and security risks within a leading crypto exchange with an accent on risk oversight, RCSA, and GRC implementation. Focus on scaling security programs, mitigating cyber threat vectors, and ensuring adherence to global security frameworks like NIST and ISO.
Location: Onsite in Hong Kong
Company
is a leading crypto exchange and developer of the Wallet, providing millions of users and institutions access to crypto trading and decentralized applications.
What you will do
- Identify, assess, and mitigate technology and security risks to ensure adherence to the Technology Risk Policy.
- Provide 2LOD oversight for technology defects, incidents, and issues, partnering with 1LOD to enhance processes.
- Lead the Technology Risk and Control Self-Assessment (RCSA) process and provide independent risk challenge.
- Define, monitor, and report on Security Key Risk Indicators (KRIs).
- Implement and enhance Governance, Risk, and Compliance (GRC) systems to enable effective risk oversight.
- Stay updated on digital asset trends and regulations to proactively address emerging risk considerations.
Requirements
- Bachelor’s degree in IT, Computer Science, or a related field.
- Minimum 8+ years of experience in Cyber Risk or Information Security.
- Strong knowledge of NIST CSF, ISO/IEC 27001, and data privacy regulations (GDPR, PDPA).
- Proven track record in risk-control assessments, incident management, and driving remediation efforts.
- Experience with GRC platforms in a global or complex organizational setting.
- Relevant certifications such as CISSP, CEH, CISA, or CISM.
Culture & Benefits
- Competitive total compensation package.
- L&D programs and education subsidies for professional growth.
- Comprehensive healthcare schemes for employees and their dependants.
- Wellness and meal allowances.
- Regular team building programs and company events.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →