VP, IT Risk and Control Manager

At Galaxy we are building products and services to help the world invest in economic progress. We believe crypto and blockchain innovations will permeate and improve all aspects of our global economy. Our vision is a society where value and ownership flow as freely as information. Galaxy is a digital asset and blockchain leader helping institutions, startups, and individuals access and navigate the crypto economy. As one of the most well-capitalized and trusted companies in the industry, we provide platform solutions custom-made for a digitally native ecosystem across three complementary operating businesses: Global Markets, Asset Management, and Digital Infrastructure Solutions. Our offerings include, amongst others, trading, lending, strategic advisory services, institutional-grade investment solutions across passive, active and venture strategies, proprietary bitcoin mining and hosting services, network validator services, and the development of enterprise custodial technology. Galaxy’s CEO and Founder Michael Novogratz leads a team of crypto enthusiasts, and institutional veterans focused on the future of finance and Web3. The Company is headquartered in New York City, with global offices across North America, Europe and Asia.

Additional information about the Company's businesses and products is available on www.galaxy.com.

What We Value:

We are a diverse team of free thinkers, and fast movers united to help investors and creators energize the global economy. We are looking for individualswhothrive in a culture of builders and overachieversandembrace high performance, transparent feedback, and a mission-first approach. Our culture shapes our way of working and gets us where we want to be.

• Be Selective To Be Effective.
• Be Highly Aligned, Loosely Coupled.
• Disagree Transparently.
• Build Dream Teams.

Who You Are:

We are seeking a highly experienced IT Risk and Control Manager to join our London-based team. This role will lead the execution of IT risk management and control governance activities across our UK operations, support regulatory compliance under UK, EU, and US cybersecurity requirements, and oversee third-party ICT risk due diligence. The role is critical in ensuring Galaxy Digital’s continued compliance as a regulated Virtual Asset Service Provider (VASP).

What You’ll Do:

Control Governance

• Monitor and test IT controls for effectiveness, report deficiencies, and oversee remediation plans
• Maintain oversight of internal audit findings and risk action plans
• Ensure all UK operations align with group-wide IT governance standards and policies

Regulatory Compliance

• Ensure adherence to UK and EU laws and regulations including:
• UK NIS Regulations, PRA SS1/21, FCA SYSC
• EU DORA, MiCA
• US NIST CSF, NYDFS, SEC cybersecurity rules (where applicable)
• Support regulatory submissions and requests from UK authorities (FCA, ICO, NCSC)
• Partner with Compliance to assess the impact of emerging cyber regulations on UK operations

Third-Party Risk Management

• Execute third-party cybersecurity risk assessments and onboarding due diligence
• Work with procurement and legal to enforce ICT contractual requirements (e.g., exit plans, audit rights, data security SLAs)
• Maintain the third-party risk inventory and ensure periodic reviews

Policy and Awareness

• Maintain IT and cyber policies in line with industry and regulatory expectations
• Lead awareness initiatives for secure technology practices and incident response preparedness

What We’re Looking For:

• Minimum 10 years’ experience in IT risk, cybersecurity governance, or technology audit in financial services or crypto/digital assets
• Strong knowledge of UK, EU, and US cybersecurity regulatory requirements, including MiCA, DORA, GDPR, and relevant FCA rules
• Demonstrated success leading risk assessments and compliance audits
• Experience with IT GRC tools (e.g., Archer, ServiceNow, OneTrust)
• Strong analytical, communication, and stakeholder management skills

Bonus Points:

• Relevant certifications: CISA, CISSP, CRISC, or CISM
• Experience working within a regulated crypto exchange or fintech
• Understanding of blockchain, DeFi, custody models, and wallet technologies

What We Offer:

• Competitive base salary and discretionary bonus
• Company-paid health and protective benefits for employees and their eligible dependents
• Free virtual coaching and counseling sessions
• Opportunities to learn about the Crypto industry
• Smart, entrepreneurial, and fun colleagues
• Employee Resource Groups

*Benefits may vary depending on location.

Galaxy respects diversity and seeks to provide equal employment opportunities to all employees and job applicants for employment without regard to actual or perceived age, race, color, creed, religion, sex or gender (including pregnancy, childbirth, lactation and related medical conditions), gender identity or gender expression (including transgender status), sexual orientation, marital or partnership or caregiver status, ancestry, national origin, citizenship status, disability, military or veteran status, protected medical condition as defined by applicable state or local law, genetic information or predisposing genetic characteristic, or other characteristic protected by applicable federal, state, or local laws and ordinances.

We will endeavor to make a reasonable accommodation to the known limitations of a qualified applicant with a disability unless the accommodation would impose an undue hardship on the operation of our business. If you believe you require such assistance to complete the application process or to participate in an interview, please contact careers@galaxy.com.

*

indicates a required field

First Name *

Last Name *

Email *

Phone *

Resume/CV *

Enter manually

Accepted file types: pdf, doc, docx, txt, rtf

Enter manually

Accepted file types: pdf, doc, docx, txt, rtf

Education

School * Select...

Degree * Select...

Select...

Select...

Start date year *

End date month * Select...

End date year *

Mailing Address

LinkedIn Profile

Website

Why are you interested in Galaxy Digital? *

Are you legally authorized to work in the location of this job? * Select...

Will you require future sponsorship? * Select...

Collecting diversity data from colleagues is a well-established way to track and encourage improvement in diversity. We are asking you to provide this information on a voluntary basis to help us inform our recruiting practices and policies.It is entirely your choice if you choose to provide this information. Your managers will not have access to your responses.

This helps us plan our work in promoting a diverse and inclusive working environment. This information is used for monitoring and reporting purposes only and will only be shared in an anonymous, collective format.

GENDER/SEXUAL ORIENTATION

Our company does not discriminate on the basis of sexual orientation, gender identity, or gender expression. But to track the effectiveness of our recruiting efforts and ensure we consider the needs of all our employees, please consider the following optional questions.

Transgender is an umbrella term that refers to people whose gender identity, expression or behavior is different from those typically associated with their assigned sex at birth. Other identities considered to fall under this umbrella can include non-binary, gender fluid, and genderqueer – as well as many more.

Your voluntary cooperation is appreciated. Thank you.

Sex Select...

Ethnicity - Please check the appropriate box below. Select...

Race - Please check the appropriate box(es) below. Select...

Veteran Service - Do you identify as a veteran of the United States Armed Forces? Select...