Information Security Manager
Remote
About Kraken
Kraken is changing the world. Join the revolution!
Our mission is to accelerate the adoption of cryptocurrency so that you and the rest of the world can achieve financial freedom and inclusion. Founded in 2011 and with over 4 million clients, Kraken is one of the world’s largest, most successful bitcoin exchanges and we’re growing faster than ever. Our range of successful products are playing an important role in the mainstream adoption of crypto assets. We attract people who constantly push themselves to think differently and chart exciting new paths in a rapidly growing industry. Kraken is a diverse group of dreamers and doers who see value in being radically transparent.
In less than a decade Kraken has risen to become one of the best and most respected crypto exchanges in the world. We are changing the way the world thinks about money and finance. The crypto industry is experiencing unprecedented growth and Kraken is leading the charge. We’ve grown from 70 Krakenites in January 2018 to over 1200 today and we have no intention of slowing down.
The Information Security Manager is responsible for the company's global IT Risk Management program and associated processes and services. They will lead a team of seasoned information technology professionals who design, develop, execute and maintain all aspects of the company’s IT Risk Management program including executing risk reviews of critical programs and technology solutions, maintaining the IT Risk Register, auditing and overseeing IT risk mitigation plans, developing and communicating IT Policies, Control Objectives and Standards, evaluating and reporting compliance to regulatory and customer requirements for information management, conducting 3rd party risk assessments and responding to customer risk assessments. This position works across all functions to address enterprise risks and provides expert consulting to business operations.
Check out all our open roles at https://jobs.lever.co/kraken. We’re excited to see what you’re made of.
Learn more about us
Watch "Working at Kraken" Follow us on TwitterCatch up on our blogFollow us on LinkedIn
Kraken is changing the world. Join the revolution!
Our mission is to accelerate the adoption of cryptocurrency so that you and the rest of the world can achieve financial freedom and inclusion. Founded in 2011 and with over 4 million clients, Kraken is one of the world’s largest, most successful bitcoin exchanges and we’re growing faster than ever. Our range of successful products are playing an important role in the mainstream adoption of crypto assets. We attract people who constantly push themselves to think differently and chart exciting new paths in a rapidly growing industry. Kraken is a diverse group of dreamers and doers who see value in being radically transparent.
In less than a decade Kraken has risen to become one of the best and most respected crypto exchanges in the world. We are changing the way the world thinks about money and finance. The crypto industry is experiencing unprecedented growth and Kraken is leading the charge. We’ve grown from 70 Krakenites in January 2018 to over 1200 today and we have no intention of slowing down.
The Information Security Manager is responsible for the company's global IT Risk Management program and associated processes and services. They will lead a team of seasoned information technology professionals who design, develop, execute and maintain all aspects of the company’s IT Risk Management program including executing risk reviews of critical programs and technology solutions, maintaining the IT Risk Register, auditing and overseeing IT risk mitigation plans, developing and communicating IT Policies, Control Objectives and Standards, evaluating and reporting compliance to regulatory and customer requirements for information management, conducting 3rd party risk assessments and responding to customer risk assessments. This position works across all functions to address enterprise risks and provides expert consulting to business operations.
Responsibilities
- Manage and maintain the IT Risk Management strategy, program and associated services.
- Manage and maintain the communication of IT policies, control objectives and standards.
- Identify the IT investments needed to ensure compliance with regulatory, contractual and internal requirements.
- Implement risk-based controls that are fully auditable and compliant with business and regulatory standards.
- Develop and produce Executive-level and Management scorecards to measure, monitor and report on IT Risk posture and control effectiveness.
- Analyze business processes and systems and guide needed improvements that properly mitigate risk in alignment with the risk appetite.
- Ensure the technologies and processes used worldwide meet all required information risk and information management requirements.
- Consult at an expert level to support customer compliance requirements for new product development and enhancement of existing solutions.
- Design and conduct 3rd party service provider risk assessments.
- Assist resource owners and IT staff in understanding and responding to IT audit failures reported by internal and external auditing departments.
- Apprise IT management regarding new and pending regulatory requirements and recommend plans of action.
- Conduct security and risk due diligence related to acquisitions, divestitures & joint ventures.
Requirements
- Minimum of 10 years’ relevant experience
- Advanced knowledge of IT processes and technical environments with 10+ years’ experience in one or more of the following: architecture, customer and governmental compliance, data protection and privacy, information classification, core applications and critical infrastructure operations and support, business continuity/disaster recovery, enterprise risk management.
- Knowledge of global regulatory requirements, including cybersecurity, data privacy and global trade compliance
- Strong leadership and talent development competencies
- Excellent written and oral communication and presentation skills, including experience and acumen in technical writing best practices
- Proven ability to describe complex technical requirements in understandable terms
- Proven ability to develop metrics and scorecards to measure process and control effectiveness
Preferred Qualifications
- MBA or other advanced degree preferred
- CRISC, CISM or CISA certifications preferred
- Experience with cybersecurity regulations and regulatory best practices, such as those promulgated by the SEC, NYDFS, CCPA, etc
- Experience with SOC2 and ISO27001
Check out all our open roles at https://jobs.lever.co/kraken. We’re excited to see what you’re made of.
Learn more about us
Watch "Working at Kraken" Follow us on TwitterCatch up on our blogFollow us on LinkedIn
Tags: Audits CCPA CISA CISM Compliance CRISC Crypto Finance ISO 27001 Privacy Risk management SOC 2 Strategy
Region:
Remote/Anywhere
Job stats:
75
15
0
Category:
Leadership Jobs
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Principal Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open IPS-related jobs