Security Assurance Manager, Korea

The Cybersecurity and Data Privacy team reports directly under the office of the CISO headed by Chief Information Security Officer (CISO) Jason Lau (https://www.linkedin.com/in/jasonciso/) who has over 23+ years of experience in the cybersecurity space, awarded Global Top 100 CISO, and also serves on the World Economic Forum, International Association of Privacy Professionals and more. The team comprises of multiple functions from Blockchain Security, Operational Security, Security Governance and Compliance and more. We drive a culture of having a growth mindset and being humble to help everyone achieve their potential. Security and Data Privacy Compliance first strategy which has been at the core of our company. The security team helped to drive us to be the first Crypto company worldwide to achieve ISO27001, ISO27701, ISO22301 and PCI:DSS 3.2.1 (Level 1) certifications. Extremely detailed third party attested by international audit firm SGS and achieved "Adaptive (Tier 4)" – the highest level possible for the US National Institute of Standards and Technology (NIST) Cybersecurity Framework and the latest NIST Privacy Framework as well as SOC2 and many other regional certifications like the Data Protection Trust Mark.
Position SummaryAs our Security Assurance Manager, you will be responsible for our global security assurance program. As part of the team, you will engage with internal and external parties to drive security assurance projects successfully. You must understand security risks and controls, work with process owners to generate evidence, understand the evidence that strategically addresses the risks and controls, document artifacts, and report results to relevant stakeholders, including the senior management team.
Job Responsibilities-Participate in regulatory, compliance, or certification-related external audits -Develop next-generation internal assurance structure and practices to establish and maintain a best-in-class global assurance program-Lead assurance projects using an appropriate risk-based methodology-Responsible for developing and completing the company’s internal assurance plan and ensuring the company remains compliant with all relevant Korean regulations regarding technical and policy-based controls. -Engage and communicate with stakeholders effectively on the scope and purpose of the assurance project and collection of relevant artifacts-Prepare and present assurance reports to the stakeholders and senior management team-Work closely with 1st and 2nd lines of defence functions and stakeholders to address assurance findings or improvement areas without compromising the independence-Responsible for evaluating the adequacy of issue mitigations proposed or completed by stakeholders-Responsible for working with cross-functional partners and external stakeholders to implement and maintain information security policies and respond to legislative and regulatory requirementsPerform ad-hoc assessment as requested by management or stakeholders
Qualifications-3+ years of experience in information technology audit and a proven track record of solid performance and high-quality audit work-Ability to speak fluently both in Korean and English-Familiarity with South Korea’s data security and privacy legislation, such as the Network Act and PIPA, and the capability to apply regulatory requirements within an operational context-Experience working with external auditors and/or regulators (KISA, KoFIU, FSS, FSI, ISO 27001, ISO 27701, ISO 22301, etc.)-Experience liaising with governmental institutions such as the Korea Internet & Security Agency, the Ministry of Science and ICT, the Personal Information Protection Commission, the Korea Communications Commission, and the Financial Supervisory Service.Life @ Crypto.com Empowered to think big. Try new opportunities while working with a talented, ambitious and supportive team.Transformational and proactive working environment. Elevate employees to find thoughtful and innovative solutions.Growth from within. We help to develop new skill-sets that would impact the shaping of your personal and professional growth.Work Culture. Our colleagues are some of the best in the industry; we are all here to help and support one another.One cohesive team. Engage stakeholders to achieve our ultimate goal - Cryptocurrency in every wallet.   Are you ready to kickstart your future with us?  Benefits Competitive salary Medical insurance package with extended coverage to dependents Attractive annual leave entitlement including: birthday, work anniversaryWork Flexibility Adoption. Flexi-work hour and hybrid or remote set-upAspire career alternatives through us. Our internal mobility program can offer employees a diverse scope.  Work Perks: crypto.com visa card provided upon joining  Our Crypto.com benefits packages vary depending on region requirements, you can learn more from our talent acquisition team. About Crypto.com: Founded in 2016, Crypto.com serves more than 80 million customers and is the world's fastest growing global cryptocurrency platform. Our vision is simple: Cryptocurrency in Every Wallet™. Built on a foundation of security, privacy, and compliance, Crypto.com is committed to accelerating the adoption of cryptocurrency through innovation and empowering the next generation of builders, creators, and entrepreneurs to develop a fairer and more equitable digital ecosystem. Learn more at https://crypto.com.  Crypto.com is an equal opportunities employer and we are committed to creating an environment where opportunities are presented to everyone in a fair and transparent way. Crypto.com values diversity and inclusion, seeking candidates with a variety of backgrounds, perspectives, and skills that complement and strengthen our team. Personal data provided by applicants will be used for recruitment purposes only. Please note that only shortlisted candidates will be contacted.