The Information Security Risk Specialist reports to the Chief Security Officer of Zodia Custody, who is accountable for Information & Cyber Security. As Zodia’s core mission is to provide safe custody of digital assets, this role is critical for ensuring that appropriate security countermeasures and operational capabilities have been implemented to respond to the evolving threat landscape of cyber-attacks.
**Key Purpose**
Maintain strong stakeholder engagement and serve as a point of contact for ICS-related matters;
Help to drive ICS requirements of Zodia and its clients into enhancements to Zodia products or ICS-related initiatives;
Engage external agencies / third parties to understand the threat environment and reported events; assess impact to Zodia;
Engage with ICS stakeholders and external clients to demonstrate how ICS controls are being embedded into Zodia.
**Key Responsibilities**
Continually improve Zodia’s product and platform security by embedding security and resilience from the start and by default;
Partner with various Zodia teams to continually drive down ICS risks, within risk appetite;
Contribute to the operational delivery of controls, specifically for threat intelligence & modelling, application security, identity & access and security incident management.
Manage ICS industry certification and audit activities for ISO 27001:2022 and SOC 1 & 2.
Oversee and play a core role in lifecycle management of keys, covering generation, use and decommissioning of keys.
Review regulatory obligations for ICS requirements across Zodia’s jurisdiction footprint & drive implementation into technology (e.g. SG/MAS, EU/CSSF & DORA, AU/ASIC, UAE/ADGM, HK/HKMA etc). Take responsibility for effective implementation and coordinate with risk, compliance and technology teams to ensure effective oversight.
Contribute ICT-related information for regulatory reporting managed by the Compliance team.
Drive security culture/awareness and help improve readiness for a cyber event;
Contribute to the enhancement of ICS policy, standards and DOIs.
Support the planning and implementation of Business Continuity Management within the organization.
Provide technical expertise and knowledge in the context of monitoring the outsourced ICT service provider.
Work with the stakeholders and other functions to validate the resilience of data and systems against Cyber threats.
Collaborate with colleagues on client acquisition, improving the efficiency of due diligence processes and client pitches.
Requirements
**Experience Required**
Demonstrable knowledge in Crypto Asset security, specifically around key management, custody & smart contracts.
Experience in information security domains such as threat intelligence & modelling, identity & access, incident and investigation management.
Strong technical and hands-on experience in application security, including management of assurance activities such as pen-testing and bug bounty programmes.
Experience working with Development and Engineering functions to improve security features and outcomes in applications.
Experience managing an industry security framework such as ISO 27001 and SOC.
**Type of person**
Ability to deal with and influence outcomes with cross-functional teams and colleagues.
Familiar with, and able to thrive in, a fast-paced environment with constant change.
Enjoys hands-on execution of tasks with a “get things done” mindset.
Able to manage both global and local role requirements and demands.
Benefits
We are a friendly team, with monthly socials and seasonal celebrations as well as offering a range of fantastic benefits including:
30 days annual leave
Pension contribution
Annual training allowance
Flexible national holidays (can choose whether to work on national holidays and use the leave elsewhere in the year)