Senior Security Compliance Manager

San Francisco Bay Area (preferred), New York City, Remote US locations

Who are we?

FalconX is a pioneering team of operators, investors, and builders committed to revolutionizing institutional access to the crypto markets. Operating at the intersection of traditional finance and cutting-edge technology, FalconX addresses the industry's foremost challenges: Navigating the digital asset market can be complex and fragmented, with limited products and services that support trading strategies, structures, and liquidity found in conventional financial markets. As a comprehensive solution for all digital asset strategies from start to scale, FalconX operates as the connective tissue empowering clients with seamless navigation through the ever-evolving cryptocurrency landscape.

Senior Security Compliance Manager (IC)

San Mateo/ New York/ Chicago or Remote

We are one of the fastest-growing startups in FinTech. We are redefining prime brokerage from the ground up.

We deliver institutional digital asset traders best-in-class trading, credit, custody and structured products. We trade, lend and secure tens of billions of dollars monthly, are highly profitable, and growing fast, so we need your help!

We are data-driven. Whether it's a growth or product decision, we believe data can always help us make more precise and informed choices.

We move fast. Speed of execution is essential for any startup, but we believe this is even more pertinent in our 24/7 industry.

We prioritize learning. Outcomes are mission-critical, but we also believe that learning in success and in failure will drive our continued success. Our industry is emergent - there’s no shortage of experiments to get involved with and to continue growing and learning together.

FalconX has offices in San Mateo, Bangalore and Chicago.

What will be my impact?

At FalconX, you’ll help create a more open financial system. In building the trading, credit and custody infrastructure, we are enabling thousands more institutions to enter the market and support a more open and accessible financial system. The world’s largest financial institutions from Wall Street to Silicon Valley will turn to you for products that provide unparalleled seamless, efficient and secure access to the cryptocurrency sector.

Responsibilities

• The Senior Manager of Security Compliance is responsible for setting the strategic direction of the Risk Management and Technical Compliance programs focusing on SOC2, SOC1, and other cybersecurity certifications.
• Assist in conducting an independent assessment of cybersecurity risk and provide reporting and insight to the company's Senior Leadership Team.
• Collaborates with risk owners to identify emerging cybersecurity risks, maintain a robust risk register, and document risk plan mitigations as part of maturing a cybersecurity risk management program.

You look like -

• At least seven years of security GRC risk experience, with a strong focus on IT audit, cybersecurity risk management, ITGC control management, and testing to meet SOC1, SOC2, and ISO27001 certifications at a minimum.
• Familiarity in implementing NIST Cybersecurity Framework and other relevant security frameworks.
• The ability to work with a team to accomplish organizational goals and to have the flexibility to shift across various Security Compliance subject matter areas seamlessly, including third-party risk Management, Customer Trust.
• Outstanding communication skills communicating with various stakeholders, including engineering, finance, legal, and auditors.
• Ability to navigate successfully through various internal departments and functional groups.
• Must be able to build and foster strong partnerships with business, corporate teams, and service provider.

Experience -

• 7+ years of progressive experience in a fast-growing company, public accounting, or tech consulting firm serving as IT audit Leader or Security GRC leader.
• Experience in high growth/dynamic/fluid industries or companies is strongly preferred.
• Demonstrated thorough knowledge of internal audit principles, best practices, and procedures and their application to security compliance.
• Proven strength with process change and continuous improvement.
• Proven ability to conduct risk assessments (SOC2, PCI, ISO27001, NIST CSF).
• Strong technical acumen, fluent in modern SSDLC and components including CI/CD pipeline, use of tools like GitHub, Jenkins, etc.
• Experience partnering with technical teams, i.e., developers and engineering teams, and translating regulatory requirements to these stakeholders.

Base pay for this role is expected to be between $233,000 - $335,000USD for New York City and San Francisco Bay Area. This expected base pay range is based on information at the time this post was generated. This role will also be eligible for other forms of compensation such as a performance linked bonus, equity, and a competitive benefits package. Actual compensation for a successful candidate will be determined based on a number of factors such as location, skillset, experience, and qualifications.

Inclusivity Statement

FalconX is committed to building a diverse, inclusive, equitable, and safe workspace for all people. Our roles are intended for people from all walks of life. We encourage all those interested in applying to our organization to submit an application regardless if you are missing some of the listed background requirements, skills, or experiences!

As part of our commitment to inclusivity, FalconX would like to acknowledge that the EEOC survey has limited potential responses that you can select. For legal reasons, FalconX must use this language to align with federal requirements, however, we want to ensure that you are able to provide a response to our own voluntary survey questions about your identity that best aligns with your most true self.

FalconX is an equal opportunity employer and will not discriminate against an applicant or employee based on race, color, religion, national origin, ancestry, ethnicity, sex (including gender, pregnancy, sexual orientation, and gender identity), age, physical or mental disability, veteran or military status, genetic information, citizenship, or any other legally-recognized protected basis under federal, state, or local law.

Applicants with disabilities may be entitled to reasonable accommodation under the Americans with Disabilities Act and other applicable state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on FalconX. Please inform FalconX’s People team at recruiting@falconx.io, if you need assistance with participating in the application process.