Director, Technology Risk

October 15

Apply Now

Receive Emails with Similar Jobs

Coinbase

WebsiteLinkedInAll Job Openings

Digital Currency • Software • Payment Processing • Bitcoin • Technology

1001 - 5000

💰 $21.4M Post-IPO Equity on 2022-11

Description

• Lead and oversee the second line technology and security risk team, framing and driving the vision for a Technology Risk Management framework across the three lines of defense. • Lead company-wide technology and security risk initiatives. Collaborate with technology and security leadership to design and implement efficient methods for identifying, surfacing, and reporting risks across the business. • Build, grow, and coach a team of technology and security risk analysts; foster a culture of agility and innovation, and provide ongoing performance feedback. • Oversee the implementation of risk policies, standards, and technologies to establish scalable processes that grow with the business. • Facilitate periodic second line technology and security risk assessments across production and corporate environments, enabling teams to describe risks in both qualitative and quantitative terms. • Ensure monitoring is in place for all risk treatment activities, maintaining clear communication with risk owners. • Collaborate with global stakeholders, including international risk management partners, to build a security risk management program that supports multiple entities, products, and global locations. • Keep up with international regulations, emerging threats, forecasts, policies, and benchmarks, integrating these into technology and security risk management methodologies and practices. • Partner with Enterprise Risk Management (ERM) and Operational Risk programs to provide effective and consistent second line oversight. • Develop communication plans to roll out the security risk program across the organization and provide ongoing education and support to teams.

Requirements

• Minimum of 12 years of relevant experience in technology risk, information security risk, IT audit, and/or a related domain, with 8+ years of management experience • Solid communicator and writer; experience with drafting project plans across multiple stakeholders, holding teams accountable to their deliverables, and producing final reports • Proven ability to embed risk management practices within operations. • Knowledge of and experience with security and security risk standards and frameworks, such as the NIST Cybersecurity Framework, NIST RMF, COBIT, ISO 27005, DORA, FAIR risk quantification methodology, etc. • Expertise in all phases of the risk management lifecycle and execution of these phases within a technology or security risk management program • Self-motivated and demonstrate a sense of urgency in high-intensity environments • Shift nimbly between strategy and operations to drive the program’s success • Ability to communicate with technical and non-technical stakeholders including senior management in order to drive alignment • Enjoy solving hard problems and can turn incomplete, conflicting, or ambiguous inputs into action plans. Experience deconflicting roles and responsibilities and driving clarity. • Ability to leverage data to inform critical decisions and make recommendations • Able to manage multiple stakeholders and priorities simultaneously • Experience interacting with regulators • Knowledge of a cloud-services environment • Expertise in automation and building scalable solutions

Benefits

• target bonus • target equity • benefits (including medical, dental, vision and 401(k))