About the company
About Chainlink Labs Chainlink is the industry standard oracle network for connecting smart contracts to the real world. With Chainlink, developers can build hybrid smart contracts that combine on-chain code with an extensive collection of secure off-chain services powered by Decentralized Oracle Networks. Managed by a global, decentralized community of hundreds of thousands of people, Chainlink is introducing a fairer model for contracts. Its network currently secures billions of dollars in value for smart contracts across the decentralized finance (DeFi), insurance, and gaming ecosystems, among others. The full vision of the Chainlink Network can be found in the Chainlink 2.0 whitepaper. Chainlink is trusted by hundreds of organizationsāfrom global enterprises to projects at the forefront of the blockchain economyāto deliver definitive truth via secure, reliable data. Chainlink Labs is an Equal Opportunity Employer. LI-Remote Chainlink Labs focuses on SaaS, Open Source, Software, and Blockchains. Their company has offices in New York City and San Francisco. They have a mid-size team that's between 51-200 employees. You can view their website at https://chainlinklabs.com/ or find them on LinkedIn. When applying, mention the word CANDYSHOP when applying to show you read the job post completely. This is a beta feature to avoid spam applicants. Companies can search these words to find applicants that read this and see they're human RODMuOC4xNTIuNzEM
Job Summary
Your Impact
šAssist in the development, maintenance and implementation of security policies, standards, and procedures to guide the organization's security practices. šEstablish security governance frameworks such as ISO 27001, NIST , COBIT or other relevant standards šAssist in the development and execution of security risk assessment process, including documentation and implementation of risk treatment. šMaintain a risk register to document and track identified risks and associated mitigation efforts. šDevelop and implement risk mitigations strategies and controls to address the identified security risks šDefine and track key performance indicators (KPIs) and metrics to measure the effectiveness of security controls and governance processes. šPrepare and present security reports to senior management, highlighting risks, incidents, and compliance status. šConduct comprehensive third-party risk assessment of potential and existing vendors to evaluate their security posture in collaboration with Finance and Legal teams. šAssist in completing security due diligence questionnaires from potential customers. šAutomate and implement risk management tools to support the security risk assessment process. šEngage in team-building events, community engagement, team off-sites, peer-review & management review cycles and activities
Requirements
šWith education or experience in the Information Security field šAt least 3 years of experience in Security Governance and Risk function with ability to run end to end security risk management process šExperience working in fast paced technology or Web 3 companies šExperience in building enterprise and security risk management process to satisfy ISO and SOC2 requirements šStrong technical background working on complex engineering, security and operations projects and initiatives šWith one or more of these certifications - CISSP, CISM, CRISC, AWS/Azure/CGP security, ISO 27001 Lead Auditor or Implementer, FAIR etc. šStrong communication skills, in particular around objectively measuring risk.
