Information Security Governance Manager
Asia
Binance
Binance cryptocurrency exchange - We operate the worlds biggest bitcoin exchange and altcoin crypto exchange in the world by volumeAre you looking to be a part of the most influential company in the blockchain industry and contribute to the crypto-currency revolution that is changing the world?
We are seeking an Information Security Governance Manager to be responsible for implementing a comprehensive and consistent security governance and compliance strategy across the organization to protect and manage its technology and data related information security risks. The candidate will be responsible for coordinating, identifying gaps, providing guidance and establishing end to end security governance to ensure effective internal controls are implemented to achieve data privacy, security, reliability and resilience that meets compliance and local regulatory requirements.
Responsibilities:
- Support the delivery of global security governance and compliance strategies.
- Manage and maintain a security compliance framework across global entities that can align to Binance’s compliance and Internal audits requirements.
- Develop, manage and maintain effective information security policies, processes, standards and procedures.
- Lead and support ISO 27001, PCI-DSS, SOC 2 Type 1/2 and other security compliance projects.
- Develop maturity model and track of information security controls.
- Internal first point of contact for general security enquiries. Proactively approach and support internal stakeholders across global entities.
- Establish and maintain global security governance and compliance process.
- Respond security questionnaire from internal/external security audit and organize/document the common answers and approaches for future audits.
- Facilitate security risk management within the business units.
- Establish and maintain information risk metrics to highlight information assets that have the highest risk exposure. Conduct regular review of remediation actions and reporting to business and technology senior management.
Requirements:
- Bachelor's degree or higher in information technology, cyber security or related field.
- 5+ years of experience in a security governance role.
- Strong leadership and excellent communication skills.
- Understanding of Information Risk, security control, data privacy related regulations (e.g. CCPA, SG PDPA, EU GDPR) within the financial services and banking industry.
- Strong knowledge and practical working experiences in delivering global projects of international data privacy and information security frameworks including NIST Cybersecurity & Privacy Framework, ISO 27001, ISO 27701, CIS, SOC 2 Type 1/2 Report, PCI-DSS and ISAE 3000.
- Demonstrable work experience delivering effective business and technical security solutions, processes, tools, and high performing teams.
- A good working knowledge of the latest information technology security trends and emerging threats is essential.
- Experience of implementing risk management principles and methodologies within a security or technology function.
- Good project management experience and skills.
- Strong analytical and problem-solving skills are must have.
- Having one of below security or privacy qualification is a plus - CISSP, CISM, CISA, CEH, SANS, CCSP, ISO 27001 Lead Auditor, IAPP CIPP / CIPM.
- An understanding of cloud infrastructure technologies and associated risks would be beneficial.
Working at Binance• Do something meaningful; Be a part of the future of finance technology and the no.1 company in the industry• Fast moving, challenging and unique business problems• International work environment and flat organisation• Great career development opportunities in a growing company• Possibility for relocation and international transfers mid-career• Competitive salary• Flexible working hours, Casual work attire
By submitting a job application, you confirm that you have read and agree to our Candidate Privacy Notice.
Tags: Audits Banking Blockchain CCPA CCSP CEH CIPP CISA CISM CISSP Cloud Compliance Crypto Finance GDPR Governance ISO 27001 NIST Privacy Risk management SANS SOC SOC 2 Strategy
Perks/benefits: Career development Competitive pay Flat hierarchy Flex hours Relocation support
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open CISM-related jobs
- Open Pentesting-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open DevSecOps-related jobs
- Open CI/CD-related jobs