About the company
In the new and exciting world of the decentralized internet, otherwise known as Web3, it is an individualās fundamental right to own and control their digital identity. To ensure that the individual is paramount in Web3, we are developing products and infrastructure to enable everyone to safely engage, take part, and transact in the emerging, decentralized world of the internet. Our platform centers on Web3 Identity and leverages that identity to provide individuals with secure digital asset storage and recovery, the ability to prove ownership of their creations, and gateways to digital interactions and experiences ā all to empower and benefit every Web3 user. We believe that the decentralized nature of Web3 creates an opportunity for everyone to challenge the digital status quoāto own and control their identity, data, finances, creations, and future. This is the chance to get it right ā to rally a movement of individuals so Web3 belongs to everyone, not to trillion-dollar companies. To fulfill this vision, we are seeking dynamic people who want to join us in leading the way to this new world.
Job Summary
WHAT YOU WILL DO
šAs Cybersecurity Program Manager, you possess strong governance, risk, and compliance. You will facilitate and lead the following activities and initiatives: šWriting, assessing, and validating cybersecurity policies, standards, and processes to support adoption of NIST CSF and NIST 800-53 programs. šDesigning and documenting technical, administrative, and procedural controls that align to cybersecurity framework adoption, compliance certification, and best practices. šCreating documentation to provide cybersecurity reporting and measurement of metrics, key performance indicators, and key risk indicators. šParticipating and leading cybersecurity strategy and tactical planning. šLeading cybersecurity program assessments for NIST CSF maturity evaluation. šLeading the establishment of SOC2 policy controls and preparing Blockchains for certification. šWorking as the primary SME for implementation and audits of SOC2 Type II and ISO27001 readiness assessments and certifications. šIdentifying gaps remediation actions, working with key stakeholders, control owners. šLeading efforts in implementing policies and procedures by working proactively across the organization to understand capabilities, limitations, and defining implementation objectives. šOverseeing security control implementations, defining project objectives and milestones, working cross-functionally to accomplish successful technology deployments in partnership cross functionally with key stakeholders. šCoordinating technical assessments, penetration testing, red teaming, and incident response table-top exercises. šTracking and monitoring vulnerability remediation activities and ensuring the technical team deploys patches and configuration changes within SLA. šSupporting answering our Partners/Customers cybersecurity questions. šManaging other cybersecurity initiatives as defined as needed by the business teams.
WHAT YOU WILL NEED TO SUCCEED
šThis is a hands-on, part technical part governance, role in planning and organizing the cybersecurity program for Blockchains. To be successful, you must have an analytical mindset with excellent organizational skills. You will have outstanding communication and interpersonal skills and can proactively communicate with multiple stakeholders including executive and technical focused professionals. You have demonstrable knowledge of cybersecurity risk management, compliance experience with SOC2 Type 2 and ISO 27001, and implementation of industry standards such as NIST CSF and 800-53. Knowledge of GDPR and other international data transfer requirements is preferred. The role will also require demonstrable knowledge and/or certification in any or all of the following areas: Privacy by Design, Risk Assessment, Security Awareness Training, Incident Response, Security Operations, Threat & Vulnerability Management, and Identity & Access Management.
