Canada onlyThe Security TeamThe security department is the guardian of Chainlink Labs’ people and infrastructure. Its principal objective is to safeguard Chainlink Labs and its assets against potential threats from any external or internal source. This mission is accomplished through a combination of specialized security engineering, the deployment of cutting-edge technologies, forward-thinking policy development, and the training of highly skilled, security-aware personnel throughout the entire organization.
As an indispensable component of the larger organization, the team seeks to promote a widely understood culture of security, safeguarding our most valuable assets while remaining agile and accessible to all employees and the community.
The Role We are seeking a highly motivated and experienced Security Governance & Risk Specialist to join our Security Assurance team. You will be responsible for establishing security governance committee structure, executing security risk assessments processes and maintaining an up-to-date risk register, while working closely with stakeholders in remediating the gaps identified in the assessment. Also, you will be contributing to part of the security compliance requirements. The ideal candidate should have a proven track record of working on complex engineering, security and operations projects and initiatives with strong technical background.
Your Impact
- Assist in the development, maintenance and implementation of security policies, standards, and procedures to guide the organization's security practices.
- Establish security governance frameworks such as ISO 27001, NIST , COBIT or other relevant standards
- Assist in the development and execution of security risk assessment process, including documentation and implementation of risk treatment.
- Maintain a risk register to document and track identified risks and associated mitigation efforts.
- Develop and implement risk mitigations strategies and controls to address the identified security risks
- Define and track key performance indicators (KPIs) and metrics to measure the effectiveness of security controls and governance processes.
- Prepare and present security reports to senior management, highlighting risks, incidents, and compliance status.
- Conduct comprehensive third-party risk assessment of potential and existing vendors to evaluate their security posture in collaboration with Finance and Legal teams.
- Assist in completing security due diligence questionnaires from potential customers.
- Automate and implement risk management tools to support the security risk assessment process.
- Engage in team-building events, community engagement, team off-sites, peer-review & management review cycles and activities
Requirements
- With education or experience in the Information Security field
- At least 3 years of experience in Security Governance and Risk function with ability to run end to end security risk management process
- Experience working in fast paced technology or Web 3 companies
- Experience in building enterprise and security risk management process to satisfy ISO and SOC2 requirements
- Strong technical background working on complex engineering, security and operations projects and initiatives
- With one or more of these certifications - CISSP, CISM, CRISC, AWS/Azure/CGP security, ISO 27001 Lead Auditor or Implementer, FAIR etc.
- Strong communication skills, in particular around objectively measuring risk.
Desired Qualifications
- Security risk management experience in Web3 space
- Experience working in cybersecurity practice at one of the big 4 audit firms
- Experience in implementing Security GRC tool
- Ability to develop and implement strategies to mitigate the identified security risk
Commitment to Equal OpportunityChainlink Labs is an equal opportunity employer. All qualified applicants will receive equal consideration for employment in compliance with applicable laws, regulations, or ordinances. If you need assistance or accommodation due to a disability or special need when applying for a role or in our recruitment process, please contact us via this form.
Global Data Privacy Notice for Job Candidates and ApplicantsInformation collected and processed as part of your Chainlink Labs Careers profile, and any job applications you choose to submit is subject to our Privacy Policy. By submitting your application, you are agreeing to our use and processing of your data as required.
AL, AD + 105 more
Netherlands only
Brazil only
United Kingdom only
