Information Security Governance Manager (HK)
Hong Kong
Applications have closed
Crypto.com
Over 80 million users buy, sell, and trade Bitcoin, Ethereum, NFTs and more on Crypto.com. Join the World's leading crypto trading platform.About Crypto.com
Crypto.com was founded in 2016 on a simple belief: it's a basic human right for everyone to control their money, data and identity. With over 10 million users on its platform today, Crypto.com provides a powerful alternative to traditional financial services, turning its vision of "cryptocurrency in every wallet" into reality, one customer at a time. Crypto.com is built on a solid foundation of security, privacy and compliance and is the first cryptocurrency company in the world to have ISO/IEC 27001:2013, ISO/IEC 27701:2019, and PCI: DSS Level 1 Service Provider compliance, as well as NIST CSF & PF Tier 4 maturity SOC2 and more. Crypto.com is headquartered in Singapore with a 3000+ strong team.
For more information, please visit www.crypto.com.
Position Summary
As our Information Security Governance Manager, you will be leading and growing the APAC Information Security Governance (ISG) team based in Singapore responsible for ensuring the firm’s information security governance, risk, and compliance are enforced and managed systematically, and monitoring key trends and emerging risks that could potentially affect the firm’s overall security and privacy posture. The ISG team operates in a fast-paced and dynamic environment and utilizes the best industry frameworks to effectively identify, evaluate, monitor and manage the firm’s technology and information security governance, risk and compliance issues in support of the firm’s growth and strategic plan.
Responsibilities
● Manage the delivery of global security governance and compliance strategies
● Manage and maintain a security compliance framework across global entities that can align with the company’s compliance and Internal audits requirements
● Develop, manage and maintain effective information security policies, processes, standards and procedures.
● Lead and support ISO 27001, PCI-DSS, SOC 2 Type 1/2 and other security compliance projects
● Develop maturity model and track of information security controls
● Internal first point of contact for general security enquiries. Proactively approach and support internal stakeholders across global entities
● Establish and maintain global security governance and compliance process
● Respond to security questionnaire from internal/external security audit and organize/document the common answers and approaches for future audits
● Facilitate security risk management within the business units
● Establish and maintain information risk metrics to highlight information assets that have the highest risk exposure. Conduct regular review of remediation actions and report to business and technology senior management
Requirements
● Bachelor's degree or higher in information technology, cyber security or related field
● 5+ years of experience in a security governance role, with 2+ years of experience in a
managerial role
● Strong leadership and excellent communication skills
● Understanding of Information Risk, security control, data privacy related regulations (e.g. CCPA, SG PDPA, EU GDPR) within the financial services and banking industry
● Strong knowledge and practical working experiences in delivering global projects of international data privacy and information security frameworks including NIST Cybersecurity & Privacy Framework, ISO 27001, ISO 27701, CIS, SOC 2 Type 1/2 Report, PCI-DSS, ISAE 3000, ITIL, and COBIT as well as experience in IPO and M&A
● Demonstrable work experience delivering effective business and technical security solutions, processes, tools, and high performing teams
● Good working knowledge of the latest information technology security trends and emerging threats is essential
● Experience in implementing risk management principles and methodologies within a security or technology function
● Good project management experience and skills
● Strong analytical and problem-solving skills are must-have
● Having one of the below security or privacy qualification is a plus - CRISC, CISSP, CCSP, CISM, CISA, ISO 27001 Lead Auditor, IAPP CIPP / CIPM, OSCP, SANS
● An understanding of cloud infrastructure technologies and associated risks would be beneficial
Benefits
- Attractive compensation package with fringe benefits
- Opportunity to work in the innovative and ever-growing Fintech industry
- Exposure to corporate governance practice of various jurisdictions across the world
- Huge responsibilities from Day 1. Be the owner of your own learning curve. The possibilities are limitless and depend on you.
- You will work in a very dynamic environment and be part of an international team.
Tags: Audits Banking CCPA CCSP CIPP CISA CISM CISSP Cloud COBIT Compliance CRISC Crypto FinTech GDPR Governance ISO 27001 Monitoring NIST OSCP Privacy Risk management SANS SOC 2
Perks/benefits: Career development Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open IPS-related jobs