## WHAT YOU’LL DO:
Act as primary point of contact for EU/UK regulators
Attend industry events and participate in industry discussions about regulation and frameworks
Contribute to periodic assessments of Ripple’s IT and Information security risks
Support and maintain security controls mapped to EU and UK information security and privacy compliance requirements in Ripple Unified Control Framework
Lead all aspects of outsourced IT services provided by related entities within the Ripple Group
Provide periodic updates to Ripple’s Irish and UK Board of Directors on the InfoSec program
Participate in Information Security and privacy-related audits and examinations conducted by external parties within the EU/UK region
Assist InfoSec Governance function to develop and maintain InfoSec Policies, Standards and Procedures relevant to InfoSec and privacy compliance
Work with the Governance team to prepare metrics and reports for UK/EU management and regulators on the status of InfoSec objectives
Support the GRC team in evaluating and responding to EU/UK customer/prospect questions and audits
Remain up to date on current security laws, regulations and standards
Assist the Sr InfoSec Risk Manager to develop effective remediation plans for control deficiencies relevant to regulations and compliance requirements; Perform control testing, document and communicate results in work papers and written reports for the successful certification on an ongoing basis
Perform security awareness training for employees
Support all GRC recurring tasks and control related activities within the UK/EU region
Work collaboratively with Finance, Compliance, Privacy and Legal teams to identify and manage data compliance requirements unique to the EU & UK markets. Make recommendations on improving compliance related processes and/or procedures
Support regional Security Assurance customer activities, such as assisting in drafting of region-specific security messaging, security due diligence responses, customer security contractual language, etc.
## WHAT YOU'LL BRING:
Degree or equivalent in Computer Science or related field
10 years of experience in InfoSec with a specialization in one area of GRC
A broad understanding of security domains
Experience working with regulators and auditors
Experience with electronic money or payments regulatory standards and audits and ITGC Control audits
Previous approval from the Central Bank of Ireland as a PCF-49
Proficiency with common information security frameworks including PSD2, ISO 27001, GDPR, MiCA, SOC2, and NIST CSF
Demonstrated ability to collaborate across teams
Proven organizational, project management and documentation skills
Familiarity and experience with IT/Security/GRC toolset, such as : Jira, Confluence, and other GRC platforms etc.
Ability to analyze empirical evidence and technical reports, identify root causes, work with teams to determine solutions to remediate gaps.
Familiarly with different cloud concepts and tooling including AWS, GCP
Someone willing to adapt to change in a fast paced environment
Experience with cloud-native pre-IPO startup companies
Experience with AWS security services and tooling
Desirable certifications: CISSP, CISA, PMP
Apply Now
Apply Now