Lead – Cyber & Technology Risk

About Us:

Allocated Bullion Exchange (ABX)

Allocated Bullion Exchange (ABX) is the world’s leading electronic institutional exchange for allocated physical precious metals. The ABX brings global trading, price discovery, and clearing facilities into one standardised and secure online trading environment via our groundbreaking exchange trading platform, MetalDesk. 

The exchange introduces a new, centrally cleared, transparent, and cost-effective allocated exchange system and standard for the industry by offering precious metal market participants an exchange where they are able to trade, deliver, or store physical precious metal in 7 global locations. ABX gives market participants across the world direct access to one integrated and consolidated global wholesale bullion market. We have enhanced market efficiency, introduced inclusiveness and accessibility, and provided relevant real-time price discovery. 

ABX has Modernised, Globalised & Integrated the precious metal markets by redefining the way physical bullion is traded. We connect all major global liquidity centres and break down the barriers to entry to the global wholesale market for all market participants.

About the Role (Job Description):

We are looking for a Lead, Technology Risk to strengthen technology risk governance, cyber resilience, and operational oversight across our digital asset and payments ecosystem.

This role will work closely with Information Technology, Product, Security, Compliance, and Operations teams to identify, assess, and manage technology-related risks across our platforms, wallet infrastructure, payment systems, and third-party integrations.

The ideal candidate combines strong technology risk and cybersecurity governance experience with a practical understanding of fintech, cloud infrastructure, digital assets, and payment ecosystems.

Key Responsibilities

• Drive and maintain the company’s Technology Risk Management (TRM) framework, policies, and governance standards.
• Perform technology and cybersecurity risk assessments across infrastructure, cloud environments, wallet systems, applications, APIs, and third-party services.
• Support audit and regulatory readiness activities, including remediation tracking and control improvement initiatives.
• Monitor and assess risks relating to digital asset infrastructure, payment systems, custodial and non-custodial environments, and operational resilience.
• Partner with Information Technology and Security teams to strengthen controls around access management, incident response, change management, monitoring, and vendor oversight.
• Support incident management activities, including risk assessment, escalation review, remediation tracking, and post-incident analysis.
• Develop and maintain risk reporting, dashboards, and Key Risk Indicators (KRIs) to support management visibility and decision-making.
• Promote strong risk awareness and governance practices across business and technology teams.
• Stay informed on emerging cybersecurity, fintech, and digital asset risks, technologies, and industry developments.

Requirements:

• 10 years of experience in Technology Risk, Information Security, Cybersecurity Governance, IT Risk, IT Audit, or related fields.
• Experience within fintech, payments, digital assets, blockchain, or regulated financial services environments is strongly preferred.
• Strong understanding of technology risk governance, cybersecurity controls, cloud infrastructure, operational resilience, and vendor risk management.
• Familiarity with digital asset infrastructure, wallet environments, payment/card ecosystems, and blockchain operational risks.
• Experience supporting audit remediation, regulatory readiness, and control assessments.
• Good understanding of security and governance frameworks such as ISO 27001, NIST, CIS Controls, PCI-DSS, or similar.
• Strong stakeholder management and communication skills, with the ability to work effectively across technical and non-technical teams.
• Professional certifications such as CISSP, CISM, CRISC, CISA, or ISO27001-related certifications are advantageous.

What We Offer:

• Flexible working arrangements
• Competitive salary
• Ongoing professional development
• Welcoming and supportive culture
• Diverse, global team