Cyber and IT Risk Manager

Bitstamp is the original cryptocurrency exchange. 

We started small in 2011, with just two laptops and big aspirations. Fast forward to today and we have grown to serve over 5 million clients across the globe, who benefit from our commitment to security, transparency and regulation. Whether it’s through our intuitive web and mobile apps or arsenal of industry-leading APIs, Bitstamp is where crypto enters the world of finance. 

Our success is a result of the innovative ideas, talented individuals, and passion of our team. Together, we have helped shaped the crypto industry and continue to do so. We are always on the lookout for new talent and crypto-curious thinkers who share our passion for the future of finance. 

As a Cyber and IT Risk Manager, you will be operating as part of the 2nd line of defense function, to provide challenge and oversight to the design and implementation of IT and security controls and processes.

The benefits of Life at Bitstamp

• Work from home or other location that allows you to be most productive.
• Generous home-office allowances upon joining to help set up your home space.
• Incentives: Financial Rewards, Bitstamp Employee Annual Awards, etc.
• Sports and cultural activities, pet-friendly offices, a full fridge, teambuilding events, Bitstamp parties.

 What you'll do

• Lead thematic/deep dive reviews to assess the controls effectiveness against key risk scenarios.
• Review self-identified risk issues and acceptance to ensure the business is operating within Risk Appetite. 
• Support business Risk Control Self-Assessments with appropriate subject matter expertise.
• Review and challenge Control Assurance outcomes as performed by 1st line.    
• Conduct Operational Risk Event reviews related to Technology and quality reviews on Self-identified risks/issues.   
• Provides expert advisory on security framework, policies, standards and guidelines to a complex level, and contribute to their development where appropriate, etc.
• Provide challenge and oversight over major technology related initiatives in relation to BESA’s Risk Appetite. 
• Support the business by providing an informed view of Risks related to changes and new initiatives.
• Engage with major transformation changes proving strong risk advisory and oversight practices.
• Develop an opinion on BESA’s risk and effectiveness of our controls. 
• Recommend Key Risk Indicators and assessments as required.
• Deliver reports and/or scorecards on the risk profile.
• Develop effective business and technology relationships with key stakeholders.
• Promotes a risk aware culture and communicates best practices to business and IT contacts.
• Educate the business on cyber and technology risk, balanced risk approaches, and risk acceptance.
• Provide Cyber and Technology interpretation to first line of defense, the business and corporate functions on standards and control requirements. 
• Provide expert input and challenge to risk and control assessment activities performed by the first line teams. 
• Analyze the policies and standard in the lens of the regulatory requirements for BESA jurisdictions and develop local addendum. 

On day one you'll bring

• Minimum 3 years experience of technology audit experience. 
• Minimum 5 years Cyber and Technology risk experience. 
• Minimum 5 years experience of working in a highly regulated environment, ideally within the finance sector and of regulatory interaction. 
• Knowledge of CSSF and other European IT and Cyber regulations. 
• Multi lingual (Proficient in English – written and oral).