Binance is the leading global blockchain ecosystem and cryptocurrency infrastructure provider whose suite of financial products includes the world’s largest digital-asset exchange.
Our mission is to accelerate cryptocurrency adoption and increase the freedom of money.
If you’re looking for a fast-paced, mission-driven organization where opportunities to learn and excel are endless, then Binance is the place for you.
Responsibilities:
- Oversee and actively participate in the establishment, implementation, and refinement of the IT security function and framework for the Binance platform in Luxembourg.
- Manage outsourced suppliers, ensuring their compliance with our security standards through active involvement.
- Conduct and engage in Security Risk Management with all stakeholders according to Security Risk Management Frameworks.
- Serve as the accountable Senior Manager for the Security function for Binance in Luxembourg.
- Work as part of the three lines of defense model to ensure the security of funds, data, and systems.
- Ensure all security obligations for governance, regulatory, and compliance matters are met.
- Take an active role in delivering Security Risk Management as part of the management team and Board of Directors.
- Advise and be directly involved in the annual IT audit plan and other internal and external audits related to Security Risk Management.
- Drive cyber security assessments and penetration tests as per the PASSI testing framework.
- Lead hands-on IT security risk management for new projects and any integration with third-party vendors.
- Ensure all third-party integrations adhere to required security standards, including but not limited to SLA in contractual agreements.
- Manage the local security effort and contribute to the continual improvement of the global department.
- Be accountable for hands-on security incident management, including prompt reporting to senior management and other teams.
- Work with the Risk Function to ensure effective and adequate Business Continuity Plans.
- Oversee day-to-day Security Risk Management and reporting to the Luxembourg executive leadership teams.
- Facilitate internal and external audits, penetration testing, and all regulatory compliance obligations to ensure they are continually met and reported to global and local stakeholders.
Requirements:
- Proven track record of working in international companies, with experience in cybersecurity within a regulatory context.
- A combination of senior management experience and deep cybersecurity expertise is mandatory.
- Active contributor to the security community through published materials or participation in international conferences.
- Demonstrable experience working in a global team within a rich, multicultural, and fast-paced environment.
- 10+ years of experience in security and technology compliance within the finance sector.
- Bachelor's degree or higher in information technology, cybersecurity, or a related field.
- Proven track record of self-motivated leadership, with excellent communication and listening skills.
- Proven experience in directly managing cybersecurity operations and actively contributing to their implementation.
- Hands-on experience in delivering global projects involving international data privacy and information security frameworks, including NIST Cybersecurity & Privacy Framework, ISO 27001, ISO 27701, CIS, PASSI audits, and PCI-DSS.
- A commitment to excellence by default, with a passion for collaboration and team achievement.
- Demonstrable experience in delivering effective business and technical security solutions, processes, tools, and project management within high-performing teams.
- A strong passion for the latest cybersecurity trends and emerging threats is essential.
- Mandatory experience in engaging directly with regulatory bodies and implementing their recommendations.
- ISO 27001 Lead Auditor, and/or certifications from ISC2, ISACA, GIAC, PASSI are a plus.
- Fluency in English is essential, French would be beneficial.
- Luxembourg based.
