Senior Security & IT Engineer

Summary

Join Chorus One, a leading company in Proof-of-Stake networks, as their Information Security Manager. You will maintain and oversee the functionality of their ISO 27001 Framework, collaborate with teams on security policies and procedures, and coordinate vulnerability assessments. Responsibilities include conducting internal audits, analyzing security threats, and recommending solutions. You will also provide technical support, administer security training, and manage internal IT systems. The ideal candidate has 5+ years of relevant experience, expertise in security architecture, and strong communication skills. Chorus One offers a competitive salary, stock options, a generous learning budget, paid parental leave, and the flexibility to work from anywhere.

Requirements

• Experience leading and implementing security frameworks, such as ISO 27001, SOC 2, GDPR from start to finish
• 5+ years of relevant Information Security experience
• Functional knowledge of security domains and information security industry standard and best practices
• Proven experience in building and maintaining security policies and controls, processes, and procedures
• Expertise in security architecture and design, network security, and data protection
• Ability to identify security threats and vulnerabilities within an organization and develop suitable countermeasures
• Ability to identify and recommend tools, processes, and software to automate and continuously improve security and compliance practices
• Strong organizational skills, proactive and self-sufficient with a proven ability to work independently and prioritize deliverables
• Strong communication and interpersonal skills to liaise with stakeholders

Responsibilities

• Maintain and oversee the functionality of our ISO 27001 Framework and subsequent certifications arising from business needs, collaborating with teams and stakeholders to ensure successful implementation within a given timeline
• Work with teams and stakeholders to develop, implement, and maintain information security policies, procedures, and standards to comply with business relevant security standards and frameworks (ISO 27001, SOC 2) as well as relevant legal and regulatory requirements
• Coordinate vulnerability assessments and penetration tests on network systems and applications
• Monitor and conduct internal audits of the system environment, policies and procedures. Develop and maintain timelines, roadmaps, and list of required tasks for various teams based on the outcomes
• Analyze and report on security threats and incidents, triage resolution, and develop controls and strategies to mitigate those risks
• Research and recommend security solutions to mitigate security risks and improve existing practices and technologies to align with the organization's risk tolerance and ensure regulatory compliance
• Assist sales in responding to prospect and customer inquiries about Chorus One’s security and compliance posture
• Administer security and awareness training for the team
• Administer and configure our services such as Google Workspace, Slack, Bitwarden, Notion, and SSO integration between them, manage software licenses
• Provide technical support to our employees and keep our internal knowledge base up to date
• Provision laptops for new hires (Mac and Linux) and maintain an asset register of our corporate devices
• Work with stakeholders to set processes and policies. For example, set up a BYOD policy, streamline our onboarding flow, etc
• Adopt processes and tools to ensure that our corporate devices are secure, up to date, and free of malware
• Researching, proposing, implementing, documenting, testing and supporting new solutions that make our internal IT easier to manage and secure
• Streamline our retreats to make them inclusive for remote attendants, and manage the AV equipment and other hardware for this

Preferred Qualifications

• Previous work experience in the crypto space and understanding of blockchain technology and associated risks
• Certifications such as CISSP, CISM, CISA, ISO 27001 Lead Auditor / Implementer or similar

Benefits

• Annual 3,000 CHF learning budget
• Attend up to two conferences a year
• $1,000 Crypto Starter Kit
• Biannual retreats
• Work From Anywhere
• 500 CHF/month coworking budget
• Paid parental leave
• Competitive fixed salary in your preferred local currency or stable coins
• Stock options
• Flexibility to suit your individual needs
• Ability to provide local employment in over 150 countries