Program Lead, IT Compliance

At Anchorage we are building the world’s most advanced digital asset platform for institutions to participate in crypto.
Founded in 2017, Anchorage Digital is a regulated crypto platform that provides institutions with integrated financial services and infrastructure solutions. With the first federally chartered crypto bank in the US, Anchorage offers institutions an unparalleled combination of secure custody, regulatory compliance, product breadth, and client service. We’re looking to diversify our team with people who are humble, creative, and eager to learn.
We are a remote-first, global team, but provide the option of working in-office in San Francisco, New York City, Indianapolis, Sioux Falls, Porto, and Singapore.
This individual will play a key role in building out and scaling foundational elements of our IT risk management and compliance program. The role is highly cross functional, and will cover domains ranging from IT risk assessments to business continuity planning to SOC compliance.

As the Program Lead, IT Compliance you will:

• Build, scale, and improve Anchorage IT risk and security compliance initiatives and audits (e.g. SOC 1/2, FFIEC cybersecurity maturity, etc.)
• Manage the completion of internal and external audits, serving as the primary liaison for auditors and internal stakeholders
• Lead the Business Continuity Program, including delivery of training, tabletop and functional exercises, and completion of department Business Impact Analyses and Business Continuity Plans
• Drive the annual IT security risk assessment process, from risk identification to measurement and mitigation
• Collaborate with the Security, Engineering, Compliance, and People teams to implement best-in-class IT security controls across the organization
• Ability to “translate” regulations into technical controls, and vice-versa
• Manage and track findings (from risk assessments, audits, etc.) from identification to closure

You may be a fit for this role if you have:

• 6+ years of experience in IT security compliance or audit
• Expertise in security and IT risk management concepts such as risk assessments, business continuity and disaster recovery planning, and / or incident response
• Knowledge of public cloud infrastructure (AWS /GCP/Azure)
• A passion for digging into the weeds, problem-solving, and building programs from the ground up
• A proven track record of effective cross-functional project management and organizational skills
• CISA certification is required

Although not a requirement, bonus points if:

• You have CISSP 
• You’ve had regulatory facing interactions with auditors
• You have a technical/engineering background 
• You come from the financial industry
• You were emotionally moved by the soundtrack to Hamilton, which chronicles the founding of a new financial system. :)

About Anchorage Digital - People: Who we are
The Anchorage Village, what we call our team, brings together the brightest minds from platform security, financial services, and distributed ledger technology to provide the building blocks that empower institutions to safely participate in  the evolving digital asset ecosystem. As  a diverse team of more than 300 members, we are united in one common goal: building the future of finance by providing the foundation upon which value moves safely in the new global economy. 
Anchorage Digital is committed to being a welcoming and inclusive workplace for everyone, and we are intentional about making sure people feel respected, supported and connected at work—regardless of who you are or where you come from. We value and celebrate our differences and we believe being open about who we are allows us to do the best work of our lives. Anchorage Digital is an Equal Opportunity Employer. We do not discriminate against qualified applicants or employees on the basis of race, color, religion, gender identity, sex, sexual preference, sexual identity, pregnancy, national origin, ancestry, citizenship, age, marital status, physical disability, mental disability, medical condition, military status, or any other characteristic protected by federal, state, or local law, rule, or regulation.