Information Security Compliance Manager

Who are we?

Crypto.com was founded in 2016 on a simple belief: it's a basic human right for everyone to control their money, data and identity. With over 10 million users on its platform today, Crypto.com provides a powerful alternative to traditional financial services, turning its vision of "cryptocurrency in every wallet" into reality, one customer at a time. Crypto.com is built on a solid foundation of security, privacy and compliance and is the first cryptocurrency company in the world to have CCSS Level 3, ISO/IEC 27001:2013, ISO/IEC 27701:2019, and PCI:DSS Level 1 Service Provider compliance, as well as NIST CSF & PF Tier 4 maturity. Crypto.com is headquartered in Hong Kong with a 3000+ strong team.

About the Role

As our Security Compliance Analyst / Manager, you will be tasked with security compliance activities along with our journey. You are expected to take the initiative to assist us with several security compliance programs and certifications. You are required to address and review compliance gaps and give recommendations and support on remediation activities. You will also be trusted to provide technical advice to ensure that security compliance requirements are met throughout all business units.

Responsibilities:

• Assist in our security compliance programs, including ISO27001, ISO27701, PCI-DSS, GDPR, CCPA, etc
• Participate in internal security and privacy assessments, internal and external audits, compliance certifications, and risk management
• Provide complete and accurate responses to internal and third-party enquiries on security compliance
• Perform security compliance assessment activities, including periodic technical, organizational, and third-party risk and control assessments, and managing remediation activities to completion
• Design necessary control required to comply with international standards and local regulations
• Identify and drive process improvements for streamlining global security compliance operations

Requirements

• Experience in information security, IT audit or IT risk management related roles.
• Prefer experience with one or more of the following: conducting security control assessments, risk assessments or audits.
• Prefer experience with any of the following: ISO27001, ISO27701, SOC1, SOC2, PCI, SOX, cloud technologies, and data protection regulations and requirements.
• Holders of security-related certifications/qualifications will be an advantage: CISSP, CRISC, CISM, CISA, ISO27001 LA, CIPT, CIPP/E, or other relevant certifications
• Minimum 5 years of hands-on experience in a fast-paced working environment. Candidates with less experience will be considered for a junior position.
• Experience leading compliance initiatives and working with auditors and/or external regulators

Benefits

• Attractive compensation package & additional paid leave;
• Exciting deck of social benefits, including a Multisport card; discounts for various shops & restaurants; subscription reimbursement for music and video streaming platforms and many more!
• Working in the cutting-edge field of Fintech, participate in developing the crypto space;
• Opportunity to experience Crypto.com's products first-hand!

If you meet the requirements above and feel ready to dive into our challenging dynamics, by joining the Crypto.com team on a permanent contract basis, we are looking forward to receiving your CV in English by applying below.

Only shortlisted candidates will be contacted with information on the next steps of our application process.