Senior Security Assurance Strategist
Remote - Europe
Applications have closed
BitMEX
Welcome to BitMEX, Most Advanced Crypto Trading Platform for Bitcoin. Home to the Perpetual Swap, industry leading security, up to 100x leverage and a 100% verified customer base.BitMEX is the world’s leading cryptocurrency derivatives trading platform, which has pioneered cryptocurrency trading through relentless commitment to change, and continues to set benchmarks for innovation, liquidity, and security today.
As the world's most advanced peer-to-peer crypto-products trading platform and API, BitMEX gives knowledge, confidence, and precision to hundreds of thousands of traders, transacting billions of USD a day.
Overview
This is critical role to establish and maintain up-to-date, broad and comprehensive understanding of the new security landscape, with the right strategy, tools, people and culture in place; and ensuring adherence to industry regulatory demands and protecting group-wide critical data assets as well as all the systems meeting security requirements and are resilient against vulnerabilities and failures to mitigate reputational and cybersecurity risks and to demonstrate that it is safe and secure to do business with BitMEX.
Key Responsibilities
This individual would manage the security awareness and third party risk management program, ensuring the following:
- Establish a framework to consistently track Technology Risk at BitMEX.
- Oversee, evaluate, and support the assessment , documentation and validation of the processes necessary to ensure that existing and new information technology (IT) systems meet the organization's cybersecurity and risk requirements.
- Develop and maintain cybersecurity plans, strategy, and policy to support and align with organizational cybersecurity initiatives
- Define and participate in long-term strategy and planning for GRC programs.
- Manage and support the third party security vendor risk management program and lifecycle.
- Document and perform risk assessments for third-parties (e.g., vendors and service providers). Respond to security assessments, questionnaires and audits from clients and third-party business partners.
- Assist in the creation and maintenance of security policies, standards, processes and guidelines for approval by Firm management. Evaluate exception requests and make approval recommendations to management.
- Lead the Security Awareness Program. This includes roadmap development, plan, delivery measurement, and evaluation of cyber training/education courses, methods, and techniques based on instructional needs.
- Execute phishing campaigns
- Define metrics to track security awareness program progress and maturity
- Ensure all vendors (software, plug-ins, professional services, etc) are successfully vetted by the Security review process
Qualifications
- Strong technical background working on complex engineering, security and operations projects and initiatives.
- 9+ years of security experience in relevant security domains (e.g. Security Management, Tech Risk)
- Prior experience of working in Security at a tech or fintech.
- Expertise working on major compliance programs in a cloud first environment supporting at a minimum SOC 2, GDPR, and ISO 270001/2 Series frameworks.
- Strong communication skills, in particular around objectively measuring risk.
- A natural teacher, good at putting points across engagingly and enthusiastically and inspiring people to take an interest in information security
- Ability to communicate and market technical messages in a simple, clear, and engaging manner. Experience creating innovative content and working with different types of communications methods, to include newsletters, videos, printed materials, and hosted events.
- Excellent organizational and project management, relationship management, are all skills that will be key to be successful in this role.
- Understanding of learning theory or instructional design and concepts of organizational behavior, culture, and how culture impacts how people behave, learn, and interact with others.
- High sense of ownership, urgency, and drive.
#LI-CH1
Join us, as we build a thriving cryptocurrency ecosystem through strategic investments in emerging cryptocurrency technology, and create the future of digital financial services.
Tags: APIs Audits Cloud Compliance Crypto FinTech GDPR Risk management Security assessment SOC 2 Strategy Vulnerabilities
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open CI/CD-related jobs