At Xapo, the largest custodian of Bitcoin in the world, we offer the convenience you would expect from an online checking account with the high tech security of our Bitcoin vault.Our business is growing fast, and we want to make sure we can keep providing the best quality support to our customers. We are looking for an experienced
Information Security Process Analyst who can actively contribute to a challenging / technological work environment.
High-level coordination and communication across various business units, overseeing operational execution of Global IT Security Policies, and ensuring regulatory IT Security compliance requirements are being met
Enforcement and validation of Global information security policies, standards and procedures
Assess IT general controls and/or application layer security controls to ensure compliance with XAPO Global Information Security policies, international standards, best practices and regulations, especially in the US
Deep understanding of business processes and technology used within the areas to ensure compliance with regulatory requirements and the XAPO Information Security Policy and applicable procedures, processes and standards
Identify and evaluate technology risks internally and/or at third parties, internal controls which mitigate risks, and related opportunities for internal control improvements
Ensure users understand and adhere to policies and procedures including implementation and enforcement of an information Security awareness program
Some Perks of working with Xapo
TOP-TIER COMPENSATION PLUS STOCK OPTIONS
Working as part of a global team
Learning from Silicon Valley’s brightest
5 years or more as an auditor or in audit departments
Proven experience in SOC1/2 Reports and ISO 27001 Certification, Information Security controls - Big 4, Consulting or IT internal audit experience.
Information Security certification such as CISSP, CISSM, CRISC, CISA or equivalent desirable.
Deep understanding and experience on implementation of Policies for Data Privacy and Security controls for protection of Personal Data and Personally Identifiable Information
Privacy regulations and security compliance requirements affecting Global financial institutions (i.e. GDPR)
- Knowledge in various cybersecurity areas such as: Identity and Access Management, Threat and Vulnerability - Management, Information Risk and Governance, IT Architecture, Monitoring, Incident Response and Security Strategy, Physical Security and/or Business Resiliency
- Good written and verbal communication skills for report writing, business requirement proposals, technical policies, and methodology documentation.
- Strong analytical, problem solving, organizational, documentation; time management skills and attention to details
- Good analytical and problem-solving skills coupled with thoroughness and attention to detail is highly desired
- Ability to optimize and condense information and transform data into easily understandable concepts
- Technical skills in MS Excel, PowerPoint, Word, and Project
- Fluent in English. Speak a second language ideal, preferably Spanish, but not a requirement.