Information Security Officer

Company: Floating Point Group
Location: Hoboken
Posted on: June 15, 2022

Job Description:

WHY FPG IS A GREAT PLACE TO WORK With all our cutting edge solutions in a nascent, fast-moving technology industry, there's never a dull moment. We offer our clients the first consolidated product for trading across a vast selection of cryptocurrency markets, automated trade settlement and secure assets custody. We invest in our people. Learning is critical to our culture, the truth is we have to- our industry is new and exciting- there's so much to absorb. We encourage our colleagues to pursue their own education - and we help fund it. You're part of something bigger. We believe that blockchain and cryptocurrency are developing products that are shaping the future of finance. Our employees - and customers - benefit from contributing.THE ROLE IN A NUTSHELL We are looking for an experienced, talented information security director to own our operational and informational security architectures. As we execute our go-to-market strategy and continue to rapidly scale, it is imperative that we find someone who will ensure that no matter what scale FPG gets to, security is a cornerstone. Particularly in the web3 & cryptocurrency industry, best practices are being defined every day- evolving and iterating to meet the needs of new products and new ideas. This is a chance to define the gold standard for the industry. As an integral designer of our security systems, you will establish the cultural foundation of how we think about security across the organization. You will define our operational security policies, ensure the team and our product adheres to the highest standards, and interface with clients to share with them how we see security. Not only will you be on the FPG security team, you will be an indispensable member of FPG's sales and engineering team. You will define operational and cybersecurity policies, helping with product design to ensure security is at the core, and interact with our client base regularly. You will have broad control over internal security and will be responsible for making sure FPG's security is best in class. We expect that you will be our in-house subject matter expert on security. What you'll be doing. Operational Security (OpSec) Take ownership of the company's operational security policies on all security-related matters. Run our regularly occurring internal security audits. Coordinate security training, including annual training, new-hire training, phishing tests, social engineering, table-top exercises, and other security-awareness trainings. Ensure that the company's compliance and risk management policies adhere to best practice standards Maintain all security-related documentation, including security policies & procedures (including business continuity planning, incident response documentsand disaster recovery plans) Implement new security projects and initiatives, and maintain existing security solutions Informational Security (InfoSec) Work with our engineers advising on best practices and reviewing how access patterns are setup. You don't need to be a code monkey, but should know your way around Amazon Web Services and architecture diagrams. Own security-minded projects (Pen testing, SOC2 compliance) Review vulnerability scans and coordinate remediations with the Engineering teams Be a central incident response coordinator and forensic investigator for IT and security incidents. Must be able to configure, support, and maintain security tools and devices such as firewalls, AWS Cloudtrail, AV software, and patches/upgrades. Security Branding, Marketing, and Client Interactions Meet clients and discuss with them how we think about security Perform IT vendor due-diligence and risk assessments for new and existing vendors Coordinate IT audit request for financial regulatory audits Assist with security and DR/BC questions for client RFPs Prepare periodic security KPI reports Function as a Subject Matter Expert to the company on all security-related matters Qualifications Bachelor's degree At least 5 years experience in information security, cybersecurity, security architecture and/or risk assessment is required. Experience with Incident Management, Vulnerability Scanning, and Identity & Access Management Experience with: NIST, firewall configurations, SIEM (Secure information & event management) security solutions. Security certifications, such as CISSP, CISM, CISA, and/or CRISC. Experience with ISO 27001-2013 security framework Experience with Office 365, Google Suite, Apple, AWS architecture and infrastructure. Exceptional verbal and written communication and project management skills are required. You're really excited about cryptocurrency and seek out ways to grow your expertise it its cutting edge tech The scrappiness and unavoidable pairing of innovation & chaos that happens in startups is one of the most exciting aspects for you You prioritize transparency and straight forward communication You support distributed ownership, defaulting to team-led initiatives as often as possible You don't take yourself too seriously Is your experience close to what we've described but maybe you feel you're missing a few of the requirements? We encourage you to apply anyway. We look for people with exceptional potential, and we know this can take many forms. We believe the highest performing teams include people with diverse backgrounds, perspectives, and life experiences.

Keywords: Floating Point Group, Hoboken , Information Security Officer, Other , Hoboken, New Jersey