Our Krakenites are a world-class team with crypto conviction, united by our desire to discover and unlock the potential of crypto and blockchain technology.
What makes us different?
Kraken is a mission-focused company rooted in crypto values. As a Krakenite, you’ll join us on our mission to accelerate the global adoption of crypto, so that everyone can achieve financial freedom and inclusion. For over a decade, Kraken’s focus on our mission and crypto ethos has attracted many of the most talented crypto experts in the world.
Before you apply, please read the Kraken Culture page to learn more about our internal culture, values, and mission. We also expect candidates to familiarize themselves with the Kraken app. Learn how to create a Kraken account here.
As a fully remote company, we have Krakenites in 70+ countries who speak over 50 languages. Krakenites are industry pioneers who develop premium crypto products for experienced traders, institutions, and newcomers to the space. Kraken is committed to industry-leading security, crypto education, and world-class client support through our products like Kraken Pro, Kraken NFT, and Kraken Futures.
Become a Krakenite and build the future of crypto!
We are seeking an experienced Regional Information Security and Business Continuity Manager to ensure Payward's European operations comply with security governance and operational resilience requirements, including MiCA, DORA, and other relevant regulations. As the key point of contact for regulators, you will develop and maintain security policies, procedures, and reporting requirements to ensure timely reporting and compliance. This role will also be pivotal in implementing and overseeing operational resilience programs, including business continuity management and disaster recovery planning.
This role requires a strong understanding of security frameworks, business continuity, and risk management, as well as excellent communication and project management skills.
Implement Payward's Operational Resilience and DORA Frameworks, ensuring compliance with the European regulatory authorities' approach
Understand the European regulatory authorities' approach to operational resilience, regional nuances and requirements, and integrate those expectations into the operational resilience framework
Develop, monitor, and challenge impact tolerances annually for critical/important business services
Develop and oversee annual resilience action plans, monitor operational resilience metrics, and conduct risk assessments
Develop and produce an annual Resilience report for the Board that gives assurance that the firm can recover from disruption
Manage tests of recovery strategies and develop business resilience processes for new asset classes
Interface with Regulators, prepare Regulatory Reporting Procedures, and ensure timely due diligence questionnaires and audit responses
Define the Regulatory Baseline, write MiCA-specific policies, and ensure regional security policies are maintained and adhered to
Relate regional/local business processes to global controls and policies, and propose global policy updates
Strengthen capabilities to respond to operational failures, review incident investigations, and participate in on-call, incident resolution, and reporting
Stay up-to-date with security governance developments and conduct regular internal reporting to brief the executive team and local Boards of Directors
At least 5 years of experience in IT management, security governance, and risk management, with professional certifications like CISSP, CISM, ITIL and equivalent
Strong understanding of security frameworks such as ISO27001 and/or SOC2
Experience in business continuity, risk management, or a related field
Ability to understand technical systems and the business processes they support, and synthesize the corresponding risks and controls
Strong communication and project management skills, with the ability to work collaboratively with cross-functional teams
Ability to prioritize and manage multiple projects and tasks with competing deadlines
Experience in the fintech industry, particularly in crypto/payments
Previous experience in managing inter-group outsourcing arrangements in accordance with CBI and EBA guidelines
Previous experience holding a Pre-Approval Control Function for a Central Bank of Ireland authorized entity strongly preferred
#LI-Remote #LI-GL1
This job is accepting ongoing applications and there is no application deadline.
Please note, applicants are permitted to redact or remove information on their resume that identifies age, date of birth, or dates of attendance at or graduation from an educational institution.
We consider qualified applicants with criminal histories for employment on our team, assessing candidates in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance.
Kraken is powered by people from around the world and we celebrate all Krakenites for their diverse talents, backgrounds, contributions and unique perspectives. We hire strictly based on merit, meaning we seek out the candidates with the right abilities, knowledge, and skills considered the most suitable for the job. We encourage you to apply for roles where you don't fully meet the listed requirements, especially if you're passionate or knowledgable about crypto!
As an equal opportunity employer, we don’t tolerate discrimination or harassment of any kind. Whether that’s based on race, ethnicity, age, gender identity, citizenship, religion, sexual orientation, disability, pregnancy, veteran status or any other protected characteristic as outlined by federal, state or local laws.
Stay in the know
Subscribe to Rise newsletter