Building the Future of Crypto 

Our Krakenites are a world-class team with crypto conviction, united by our desire to discover and unlock the potential of crypto and blockchain technology.

What makes us different?

Kraken is a mission-focused company rooted in crypto values. As a Krakenite, you’ll join us on our mission to accelerate the global adoption of crypto, so that everyone can achieve financial freedom and inclusion. For over a decade, Kraken’s focus on our mission and crypto ethos has attracted many of the most talented crypto experts in the world.

Before you apply, please read the Kraken Culture page to learn more about our internal culture, values, and mission.

As a fully remote company, we have Krakenites in 60+ countries who speak over 50 languages. Krakenites are industry pioneers who develop premium crypto products for experienced traders, institutions, and newcomers to the space. Kraken is committed to industry-leading security, crypto education, and world-class client support through our products like Kraken Pro, Kraken NFT, and Kraken Futures.

Become a Krakenite and build the future of crypto!

Proof of Work

The Team

Kraken is seeking a dedicated and proficient Senior Associate to support the growth and refinement of our security third party risk management (TPRM) program. The ideal candidate brings a strong background in information security and IT, combined with practical experience in third-party risk management and M&A processes. Entrepreneurial spirit and comfort with iterating quickly is a must.

The Opportunity

• TPRM Program Development

  • Provide support in shaping and advancing our TPRM program, emphasizing practical, efficient, and scalable systems

  • Assist in the refinement of vendor classification, tiering, and engagement strategies

  • Design controls and risk management strategies to monitor and hold critical vendors accountable to Kraken’s security standards, leveraging technology to create a streamlined ecosystem for vendors and Krakenites to engage in a secure manner

• Risk Assessment & Controls Monitoring

  • Support Kraken’s vendor management program by assessing potential third party engagements and identifying security risks, supporting adherence to Kraken’s policies and providing recommendations on how to mitigate risk

  • Perform annual assessments of Kraken’s utilization of critical vendors, regularly reviewing SOC attestations and validating critical vendors are performing to the CIA triad expectations, ensuring major security features and upgrades are rolled out appropriately, and defining metrics to continuously monitor, reduce, and mitigate risk

  • Manage identified risks through risk mitigation, remediation or acceptance workflows

  • Evaluate performance to relevant IT & security regulations and standards in the context of third party engagements and acquisitions

• Assist in M&A Security Due Diligence & Integration Efforts

  • Support the assessment of security aspects of potential acquisitions, including vendor management, data security practices, and security architecture

  • Participate in the program management of secure integration post-acquisition, maintaining vigilance over vulnerabilities and ensuring the closure of critical security gaps

• Project Support and Reporting

  • Drive projects related to maturing third-party risk management and M&A activities

  • Analyze, clean, and interpret third party risk data to support value-driving insights and initiatives. Assist in development of key risk indicators and associated dashboards

  • Perform analyses and prepare reports on the TPRM program, inclusive of both vendor engagements and post-acquisition integration activity

• Stakeholder Collaboration

  • Work closely with internal teams and contract counterparties including Corporate Development, Engineering, Legal, Finance, Vendor Management, and other operational teams to ensure a holistic approach to third party security risk management

  • Develop documentation and training materials to bolster Kraken’s overall awareness and posture with respect to vendor risk, from RFP to offboarding

Skills you should HODL

• Experienced operator with impeccable empathy for understanding stakeholder perspectives

• Tenacious self-starter who desires to be part of an agile, skunkworks-style team

• Bachelor’s degree or above in IT, Cybersecurity, Business Administration, Engineering, or related fields

• Demonstrated (at least 5 years) experience in IT, cybersecurity, and involvement in third-party risk management and M&A activities

• Strong understanding of IT systems, network infrastructure, cybersecurity principles, and third party risk management

• Practical experience working with ISO27001, SOC 2 Type II, and similar security standards

• Proficient in Google Sheets and experienced in navigating SaaS application administration and no-code configuration

• SQL and Tableau experience is a strong plus

• You thrive in environments characterized by volatility, uncertainty, complexity, and ambiguity where you get to utilize your resourceful and creative problem solving nature to facilitate alignment, coordination and overall project momentum through completion

Location Tagging: #LI-Remote #LI-DA1

Kraken is powered by people from around the world and we celebrate all Krakenites for their diverse talents, backgrounds, contributions and unique perspectives. We hire strictly based on merit, meaning we seek out the candidates with the right abilities, knowledge, and skills considered the most suitable for the job. We encourage you to apply for roles where you don't fully meet the listed requirements, especially if you're passionate or knowledgable about crypto!

As an equal opportunity employer, we don’t tolerate discrimination or harassment of any kind. Whether that’s based on race, ethnicity, age, gender identity, citizenship, religion, sexual orientation, disability, pregnancy, veteran status or any other protected characteristic as outlined by federal, state or local laws. 

Stay in the know

Follow us on Twitter

Learn on the Kraken Blog

Connect on LinkedIn