Lead – Cyber & Technology Risk

📋 Description

• Lead and uphold the organization’s Technology Risk Management (TRM) framework, policies, and governance standards.

• Conduct technology and cybersecurity risk evaluations across infrastructure, cloud settings, wallet systems, applications, APIs, and third-party services.

• Assist in audit and regulatory preparedness efforts, including tracking remediation and enhancing control initiatives.

• Oversee and evaluate risks related to digital asset infrastructure, payment systems, custodial and non-custodial environments, and operational resilience.

• Collaborate with Information Technology and Security teams to enhance controls around access management, incident response, change management, monitoring, and vendor oversight.

• Aid in incident management tasks, encompassing risk assessment, escalation review, remediation tracking, and post-incident analysis.

• Create and sustain risk reporting, dashboards, and Key Risk Indicators (KRIs) to facilitate management visibility and decision-making.

• Foster robust risk awareness and governance practices throughout business and technology teams.

• Keep abreast of emerging cybersecurity, fintech, and digital asset risks, technologies, and industry trends.

⛳️ Requirements

• A minimum of 10 years of experience in Technology Risk, Information Security, Cybersecurity Governance, IT Risk, IT Audit, or related domains.

• Previous experience in fintech, payments, digital assets, blockchain, or regulated financial services environments is highly preferred.

• In-depth understanding of technology risk governance, cybersecurity controls, cloud infrastructure, operational resilience, and vendor risk management.

• Familiarity with digital asset infrastructure, wallet environments, payment/card ecosystems, and blockchain operational risks.

• Experience in supporting audit remediation, regulatory readiness, and control assessments.

• Solid knowledge of security and governance frameworks such as ISO 27001, NIST, CIS Controls, PCI-DSS, or similar standards.

• Excellent stakeholder management and communication abilities, with the capacity to collaborate effectively across both technical and non-technical teams.

• Professional certifications like CISSP, CISM, CRISC, CISA, or ISO27001-related certifications are beneficial.

🏝️ Benefits

• Flexible working arrangements

• Competitive salary

• Ongoing professional development

• Welcoming and supportive culture

• Diverse, global team