col-wideJob Description:
Your mission
We are a leading blockchain asset custody platform, committed to providing secure and reliable services to our clients. We use state-of-the-art technology and offer our customers security at the highest level. To strengthen our team, we are looking for an experienced and motivated Chief Information Security Officer who wants to shape the future of the company with us.
In this role, you will:
Build a security framework and architecture as a strategy and:
Develop and enforce Security Policies: Establish, implement, and enforce comprehensive security policies, procedures, standards, and guidelines
Target Measures Catalog and Control Framework: Define and maintain a robust control framework, documenting the scope and applicability of the information security management system
Policy and Process Management: Prepare, maintain, and enforce information security policies, manage the security process, and oversee IT service provider involvement
Provide ongoing research into threats, cyber security and technologies in order to adapt target measures accordingly
Metrics Reporting: Gather and report on established security compliance metrics to provide transparency and accountability
Management Communication: Inform the Management Board about Information Security Risks and ensure follow-through on mitigative actions
Firmly conducting audits internally and at external service providers in close coordination with Risk Control and DPO
Support during the year end external audits
Evaluate reports from external service providers
Examine and report information security incidents to the Management Board, ensuring effective incident response and remediation
IS Compliance Education: Educate control owners on compliance workflows and processes, ensuring understanding and adherence to security standards.
Participate in complex projects and have a close coordination with the CTO
Conduct and ensure Security trainings for the company and our team to keep security awareness high, promoting a security-conscious culture within the organization
Lead and develop our information security team of 3-4 employees to work closely with the tech units that have operational responsibility
Fully integrate with and report to RiskControl and Management
Support for Operational Risk Management in Risk Controlling the
Identification and assessment of ICT risks
Development and implementation of risk mitigation strategies and measures
Carrying out IS risk analyses and assessments
Monitoring and reporting on ICT risks and their status
Supporting BCM with contingency plans and business continuity strategies
What you need to be successful:
Professional credentials through studies or other qualifications
At least 5 years of experience in information security, of which at least 2 years in a management position
Experience of work in a regulated financial institute
In-depth knowledge of risk analysis and IT security architecture
Experience with regulatory requirements and in particular DORA and BAIT
Experience in KWG 44 audits is an advantage
Strong leadership and communication skills with a good dose of assertiveness
Excellent analytical skills, problem solving skills and the ability to communicate complex technical issues in an understandable way
Certifications such as CISSP, CISM or CISA are a plus
Very good knowledge of German and English (English is the company's main language of communication - German is the external auditors and regulators main language)
What's in it for you:
Accelerate your career growth by joining one of Europe's leading cryptocurrency management platforms
25 vacation days per year, with an additional day for each year of service - up to 30 days
Access to cutting-edge technologies, high levels of autonomy, and international working environment
Flexible working hours, hybrid work setup from both our Berlin and the Porto offices
Fitness (Urban Sports) and mental health (Likeminded) memberships
Hot/cold drinks and snacks in the office, andAll Handsmeetings once a month with pizza
About us
Finoa is a regulated crypto asset platform for institutional investors co-founded in 2018 by Christopher May and Henrik Gebbing. The company came to life through the shared aspiration to make institutional interactions with crypto assets simple and secure, and is backed by prominent investors, including Balderton Capital, Coparion, Maven11, Signature Ventures, and Venture Stars.
Finoa has since then grown into a truly international company, powered by a diverse team and serving high-profile clients from around the world. Reference clients include renowned venture capital firms, crypto hedge funds, corporates, Web3 companies, and high-net-worth individuals.
If you want to join one of Europe's most exciting crypto start-ups, be part of the next wave of innovation disrupting finance, and grow together with us, then this is your chance to apply.
Finoa is an equal opportunity employer devoted to diversity and inclusion in the workplace. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, or disability status.