Binance is the leading global blockchain ecosystem and cryptocurrency infrastructure provider whose suite of financial products includes the world's largest digital-asset exchange.
Our mission is to accelerate cryptocurrency adoption and increase the freedom of money.
If you're looking for a fast-paced, mission-driven organization where opportunities to learn and excel are endless, then Binance is the place for you.
Responsibilities:
Oversee and actively participate in the establishment, implementation, and refinement of the IT security function and framework for the Binance platform in Luxembourg.
Manage outsourced suppliers, ensuring their compliance with our security standards through active involvement.
Conduct and engage in Security Risk Management with all stakeholders according to Security Risk Management Frameworks.
Serve as the accountable Senior Manager for the Security function for Binance in Luxembourg.
Work as part of the three lines of defense model to ensure the security of funds, data, and systems.
Ensure all security obligations for governance, regulatory, and compliance matters are met.
Take an active role in delivering Security Risk Management as part of the management team and Board of Directors.
Advise and be directly involved in the annual IT audit plan and other internal and external audits related to Security Risk Management.
Drive cyber security assessments and penetration tests as per the PASSI testing framework.
Lead hands-on IT security risk management for new projects and any integration with third-party vendors.
Ensure all third-party integrations adhere to required security standards, including but not limited to SLA in contractual agreements.
Manage the local security effort and contribute to the continual improvement of the global department.
Be accountable for hands-on security incident management, including prompt reporting to senior management and other teams.
Work with the Risk Function to ensure effective and adequate Business Continuity Plans.
Oversee day-to-day Security Risk Management and reporting to the Luxembourg executive leadership teams.
Facilitate internal and external audits, penetration testing, and all regulatory compliance obligations to ensure they are continually met and reported to global and local stakeholders.
Requirements:
Proven track record of working in international companies, with experience in cybersecurity within a regulatory context.
A combination of senior management experience and deep cybersecurity expertise is mandatory.
Active contributor to the security community through published materials or participation in international conferences.
Demonstrable experience working in a global team within a rich, multicultural, and fast-paced environment.
10+ years of experience in security and technology compliance within the finance sector.
Bachelor's degree or higher in information technology, cybersecurity, or a related field.
Proven track record of self-motivated leadership, with excellent communication and listening skills.
Proven experience in directly managing cybersecurity operations and actively contributing to their implementation.
Hands-on experience in delivering global projects involving international data privacy and information security frameworks, including NIST Cybersecurity & Privacy Framework, ISO 27001, ISO 27701, CIS, PASSI audits, and PCI-DSS.
A commitment to excellence by default, with a passion for collaboration and team achievement.
Demonstrable experience in delivering effective business and technical security solutions, processes, tools, and project management within high-performing teams.
A strong passion for the latest cybersecurity trends and emerging threats is essential.
Mandatory experience in engaging directly with regulatory bodies and implementing their recommendations.
ISO 27001 Lead Auditor, and/or certifications from ISC2, ISACA, GIAC, PASSI are a plus.
Fluency in English is essential, French would be beneficial.
Luxembourg based.