Summary
Company Information
Founded in 2016, Crypto-com serves more than 80 million customers and is the world's fastest growing global cryptocurrency platform. Our vision is simple: Cryptocurrency in Every Wallet™. Built on a foundation of security, privacy, and compliance, Crypto-com is committed to accelerating the adoption of cryptocurrency through innovation and empowering the next generation of builders, creators, and entrepreneurs to develop a fairer and more equitable digital ecosystem.
Crypto-com is an equal opportunities employer and we are committed to creating an environment where opportunities are presented to everyone in a fair and transparent way. Crypto-com values diversity and inclusion, seeking candidates with a variety of backgrounds, perspectives, and skills that complement and strengthen our team.
Personal data provided by applicants will be used for recruitment purposes only.
Please note that only shortlisted candidates will be contacted.
Role Information
As our Security Compliance Analyst, you will be tasked with security compliance activities along with our journey. You are expected to take the initiative to assist us with several security compliance programs and certifications. You are required to address and review compliance gaps and give recommendations and support on remediation activities. You will also be trusted to provide technical advice to ensure that security compliance requirements are met throughout all business units. This role must be able to work remotely with distributed teams and in person with teams in France.
Responsibilities
Assist in our security compliance programs, including ISO, PCI DSS, SOC2, etc
Participate in internal security and privacy assessments, internal audits, customer audits, compliance certifications, and third-party risk management
Provide accurate and consistent responses to customers or third-party on security compliance enquiries
Perform security compliance activities, including conducting annual and project risk & control assessments and third-party assessments, and managing remediation activities
Design necessary control required to comply with international standards and local regulations
Evaluate technical and organisational controls to ensure effectiveness and compliance, including managing the control remediation efforts
Requirements
Experience in information security, IT audit or IT risk management-related roles.
Prefer experience with one or more of the following: conducting security control assessments, risk assessments or audits.
Prefer experience with any of the following: ISO27001 and ISO27701 standards, and data protection regulations and requirements.
Holders of security-related certifications/qualifications (CISSP, CRISC, CISM, CISA, ISO27001 LA, PCI QSA, CIPT, CIPP/E, etc.) will be an advantage.
Experience with the French Network and Information Security Agency (ANSSI) standards and guidelines, including PASSI audits.
Minimum 3 years of hands-on experience in a fast-paced working environment