Risk Manager/Risk Officer

CEX.IO Europe is a licensed Virtual Asset Service Provider (VASP) under the Banco de España, currently upgrading its authorization to a Crypto-Asset Service Provider (CASP) under the EU Markets in Crypto-Assets Regulation (MiCAR).

We are seeking an experienced Risk Manager / Risk Officer in Spain.
This role focuses entirely on the daily maintenance of our risk management framework.
You will bridge the gap between strategic risk appetite and day-to-day execution, ensuring our operations remain resilient, secure, and fully compliant with MiCAR and DORA frameworks.

Given the regulatory overlap, candidates with solid backgrounds in Electronic Money Institutions (EMIs), payment systems, or traditional finance safeguarding frameworks are highly encouraged to apply.

Key Responsibilities

• Maintain and operationalize the comprehensive Enterprise Risk Management (ERM) framework and policies.
• Conduct regular risk assessments targeting financial, operational, cyber, and crypto-specific threats (e.g., custody risks, settlement risks, and blockchain-specific vulnerabilities).
• Monitor and track daily Key Risk Indicators (KRIs), flagging emerging trends and vulnerabilities to the team before they impact operations.
• Partner with internal business lines to ensure risk policies are actively embedded.
• Assist in preparing documentation and evidence for the Banco de España, CNMV, and external auditors regarding risk management and compliance metrics.
• Support the execution and rigorous testing of business continuity, crisis management, and ICT response plans to ensure full alignment with DORA requirements.
• For entities managing tokenized frameworks or fiat components, monitor safeguarding regimes and capital requirements to maintain strict compliance with EU standards.
  
  

Essential Experience & Qualifications

• 3 to 5+ years of hands-on experience maintaining risk management functions within a payment system, EMI, financial infrastructure, or crypto-asset environment. Holding a recognized professional certification in a related field is an asset.
• Strong working knowledge of the Spanish regulatory landscape (Banco de España, CNMV) and the evolving EU MiCAR framework. Experience with PSD2/E-Money Directive safeguarding or DORA compliance will be an advantage.
• Practical understanding of crypto-asset mechanics (DLT, custody protocols, blockchain analytics tools).
• Native or fluent Spanish (essential for local operations) and proficiency in English (required for group-level collaboration).