Info Sec Risk Manager

  • Galaxy Digital
  • New York, NY
  • May 09, 2022
Full time AML Management Compliance

Job Description

Who We Are:

At Galaxy we are building products and services to help the world invest in economic progress. We believe crypto and blockchain innovations will permeate and improve all aspects of our global economy. Our vision is a society where value and ownership flow as freely as information. Galaxy is a digital asset and blockchain leader helping institutions, startups, and individuals access and navigate the crypto economy. As one of the most well-capitalized and trusted companies in the industry, we provide platform solutions custom-made for a digitally native ecosystem across multiple synergistic business lines: Trading, Asset Management (passive and active strategies), Principal Investments,  Investment Banking Services, and Mining. Galaxy’s CEO and Founder Michael Novogratz leads a team of crypto enthusiasts, and institutional veterans focused on the future of finance and Web3. The Company is headquartered in New York City, with offices in Chicago, London, Amsterdam, Tokyo, Hong Kong, the Cayman Islands (registered office), and New Jersey.

Additional information about the Company's businesses and products is available on www.galaxydigital.io.

What We Value:

We are a diverse team of free thinkers, and fast movers united to help investors and creators energize the global economy. We are looking for individuals who thrive in a culture of builders and overachievers and embrace high performance, transparent feedback, and a mission-first approach. Our culture shapes our way of working and gets us where we want to be.

  • Seek Excellence.
  • Be Selective To Be Effective.
  • Be Highly Aligned, Loosely Coupled.
  • Disagree Transparently.
  • Encourage Independent Decision-Making.
  • Build Dream Teams.

About You

As a candidate for this role, you can dive deep into controls and technology. You are naturally curious and stay on top of emerging trends and threats. You are a clear thinker. You thrive when working across teams and are an expert in dealing with ambiguity. You believe that a core component of security’s role is to enable the business, not just to secure it, and the solutions you bring to life are aligned to the business goals. You thrive in a fast-paced, technologically forward-leaning environment and are not afraid to push the boundaries of security capabilities.

Responsibilities:

  • Evaluate third party control effectiveness and review evidence of controls by applying audit, compliance, security, and regulatory framework knowledge and experience, including but not limited to: ISO27001, sig, soc reports, as well as Privacy, Compliance, Business Resiliency, Cyber and other risk domains.
  • Maintain up-to-date knowledge on cyber threats including those published by Threat Intel sources such as the Cybersecurity and Infrastructure Security Agency (CISA).
  • Assist in responding to audits, penetration tests and vulnerability assessments.
  • Assist with updating and creating departmental policies and procedures.
  • Conduct technical compliance assessments of information systems in accordance with established standards.
  • Assist with linking policy, standard operating procedures, controls, monitoring, and reporting with the goal of improving operations, compliance, and risk management.
  • Knowledge of Technology and Security risk framework -COBIT, FFIEC, NIST, ITIL, COSO.

Preferred Experience/Qualifications:

  • Bachelor’s Degree in Information Systems or related discipline required.
  • 7+ years of technology risk, IT security audit, compliance and/or relevant regulatory experience.
  • IT process remediation improvement projects with technology processes.
  • Performing technical assessments and documentation of processes and services, as well as auditing IT processes.
  • Defining security, resilience, and compliance strategies.
  • Building trusting relationships with stakeholders at various levels of the organization.
  • Certifications such as CISA, CISSP, CISM, desirable/preferred.

Here are some of the industry-leading benefits of working at Galaxy:

  • Competitive base salary, bonus, and equity
  • 100% company paid health insurance for employees, partners and dependents
  • 3% 401(k) company contribution
  • Generous paid Parental Leave
  • Flexible Time Off (paid)
  • Hybrid/Flexible Working Arrangements  
  • Opportunities to learn about the Crypto industry
  • Free daily snacks and weekly lunches
  • Smart, entrepreneurial and fun colleagues  
  • Annual charitable giving match
  • Employee Resource Groups
  • Free virtual coaching and counseling sessions through Ginger

*Benefits may vary based on location. 

Galaxy respects diversity and seeks to provide equal employment opportunities to all employees and job applicants for employment without regard to actual or perceived age, race, color, creed, religion, sex or gender (including pregnancy, childbirth, lactation and related medical conditions), gender identity or gender expression (including transgender status), sexual orientation, marital or partnership or caregiver status, ancestry, national origin, citizenship status, disability, military or veteran status, protected medical condition as defined by applicable state or local law, genetic information or predisposing genetic characteristic, or other characteristic protected by applicable federal, state, or local laws and ordinances.

We will endeavor to make a reasonable accommodation to the known limitations of a qualified applicant with a disability unless the accommodation would impose an undue hardship on the operation of our business. If you believe you require such assistance to complete the application process or to participate in an interview, please contact careers@galaxydigital.io.