Cyber and IT Risk Manager

Summary

Join Bitstamp, the original cryptocurrency exchange, as a Cyber and IT Risk Manager and become part of the 2nd line of defense. You will provide challenge and oversight to the design and implementation of IT and security controls and processes. Lead thematic reviews to assess controls' effectiveness, review self-identified risk issues, support business risk control self-assessments, and review control assurance outcomes. Conduct operational risk event reviews and provide expert advisory on security frameworks and policies. Provide challenge and oversight over major technology initiatives, support the business with risk insights, and engage with transformation changes. Develop an opinion on risks and controls' effectiveness, recommend key risk indicators, deliver reports, and develop effective business and technology relationships. Promote a risk-aware culture, educate the business on cyber and technology risks, and provide expert input to risk and control assessment activities. Analyze policies and standards in the context of regulatory requirements and develop local addendums. Bitstamp offers work-from-home options, generous home-office allowances, financial rewards, sports and cultural activities, and more.

Requirements

• Minimum 3 years experience of technology audit experience
• Minimum 5 years Cyber and Technology risk experience
• Minimum 5 years experience of working in a highly regulated environment, ideally within the finance sector and of regulatory interaction
• Knowledge of CSSF and other European IT and Cyber regulations
• Multi lingual (Proficient in English – written and oral)

Responsibilities

• Lead thematic/deep dive reviews to assess the controls effectiveness against key risk scenarios
• Review self-identified risk issues and acceptance to ensure the business is operating within Risk Appetite
• Support business Risk Control Self-Assessments with appropriate subject matter expertise
• Review and challenge Control Assurance outcomes as performed by 1st line
• Conduct Operational Risk Event reviews related to Technology and quality reviews on Self-identified risks/issues
• Provides expert advisory on security framework, policies, standards and guidelines to a complex level, and contribute to their development where appropriate, etc
• Provide challenge and oversight over major technology related initiatives in relation to BESA’s Risk Appetite
• Support the business by providing an informed view of Risks related to changes and new initiatives
• Engage with major transformation changes proving strong risk advisory and oversight practices
• Develop an opinion on BESA’s risk and effectiveness of our controls
• Recommend Key Risk Indicators and assessments as required
• Deliver reports and/or scorecards on the risk profile
• Develop effective business and technology relationships with key stakeholders
• Promotes a risk aware culture and communicates best practices to business and IT contacts
• Educate the business on cyber and technology risk, balanced risk approaches, and risk acceptance
• Provide Cyber and Technology interpretation to first line of defense, the business and corporate functions on standards and control requirements
• Provide expert input and challenge to risk and control assessment activities performed by the first line teams
• Analyze the policies and standard in the lens of the regulatory requirements for BESA jurisdictions and develop local addendum

Benefits

• Work from home or other location that allows you to be most productive
• Generous home-office allowances upon joining to help set up your home space
• Incentives: Financial Rewards, Bitstamp Employee Annual Awards, etc
• Sports and cultural activities, pet-friendly offices, a full fridge, teambuilding events, Bitstamp parties