As a candidate for this role, you can dive deep into controls and technology. You are naturally curious and stay on top of emerging trends and threats. You are a clear thinker. You thrive when working across teams and are an expert in dealing with ambiguity. You believe that a core component of security’s role is to enable the business, not just to secure it, and the solutions you bring to life are aligned to the business goals. You thrive in a fast-paced, technologically forward-leaning environment and are not afraid to push the boundaries of security capabilities.
- Evaluate third party control effectiveness and review evidence of controls by applying audit, compliance, security, and regulatory framework knowledge and experience, including but not limited to: ISO27001, sig, soc reports, as well as Privacy, Compliance, Business Resiliency, Cyber and other risk domains.
- Maintain up-to-date knowledge on cyber threats including those published by Threat Intel sources such as the Cybersecurity and Infrastructure Security Agency (CISA).
- Assist in responding to audits, penetration tests and vulnerability assessments.
- Assist with updating and creating departmental policies and procedures.
- Conduct technical compliance assessments of information systems in accordance with established standards.
- Assist with linking policy, standard operating procedures, controls, monitoring, and reporting with the goal of improving operations, compliance, and risk management.
- Knowledge of Technology and Security risk framework -COBIT, FFIEC, NIST, ITIL, COSO.
- Bachelor’s Degree in Information Systems or related discipline required.
- 7+ years of technology risk, IT security audit, compliance and/or relevant regulatory experience.
- IT process remediation improvement projects with technology processes.
- Performing technical assessments and documentation of processes and services, as well as auditing IT processes.
- Defining security, resilience, and compliance strategies.
- Building trusting relationships with stakeholders at various levels of the organization.
- Certifications such as CISA, CISSP, CISM, desirable/preferred.
Here are some of the industry-leading benefits of working at Galaxy:
- Competitive base salary, bonus, and equity
- 100% company paid health insurance for employees, partners and dependents
- 3% 401(k) company contribution
- Generous paid Parental Leave
- Flexible Time Off (paid)
- Hybrid/Flexible Working Arrangements
- Opportunities to learn about the Crypto industry
- Free daily snacks and weekly lunches
- Smart, entrepreneurial and fun colleagues
- Annual charitable giving match
- Employee Resource Groups
- Free virtual coaching and counseling sessions through Ginger
*Benefits may vary based on location.