Security Risk Manager

About the Role

We are looking for an experienced Security Risk Manager to lead and enhance our organization's risk management strategy. In this role, you will be responsible for identifying, assessing, and mitigating security risks across the company. The ideal candidate will have a strong background in risk management, security compliance, and third-party risk assessments, with at least 5 years of experience in information security or a related field. Your expertise will be essential in ensuring that security risks are properly managed, aligned with business objectives, and compliant with industry standards.

Key Responsibilities

  • Develop and oversee the security risk management framework, ensuring alignment with ISO 27001, SOC 2, NIST, GDPR, and other relevant standards.

  • Identify, assess, and prioritize security risks across internal systems, third-party services, and business operations.

  • Conduct risk assessments and drive risk mitigation strategies in collaboration with cross-functional teams.

  • Lead third-party risk management processes, including security evaluations of vendors and service providers.

  • Establish and maintain security policies, risk registers, and controls to reduce overall risk exposure.

  • Work closely with compliance, legal, IT, and business teams to ensure regulatory and contractual security requirements are met.

  • Provide regular risk reports to senior management, offering clear insights and recommendations.

  • Continuously monitor emerging threats, vulnerabilities, and industry trends to proactively adjust risk management strategies.

  • Support security awareness initiatives by communicating risk-related findings and recommendations across the organization.

  • Manage security awareness programs, ensuring employees understand cybersecurity risks and best practices.

  • Define and track key metrics for employee security awareness, linking awareness levels to overall risk posture.

Qualifications & Requirements

  • Minimum 5 years of experience in Information Security, Risk Management, or Compliance.

  • Strong knowledge of ISO 27001, SOC 2, NIST, GDPR, and other security frameworks.

  • Proven experience conducting risk assessments, security audits, and third-party risk evaluations.

  • Hands-on experience in developing and implementing risk management policies and controls.

  • Strong analytical and problem-solving skills with the ability to assess complex security risks.

  • Excellent communication skills, with the ability to present risk findings to both technical and non-technical stakeholders.

  • Experience working with cross-functional teams and influencing decision-making processes.

  • Experience in managing security awareness programs, understanding methodologies, approaches, and best practices.

  • Knowledge of key metrics for measuring awareness effectiveness and the connection between employee awareness levels and security risks.

  • Relevant certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Auditor are a plus.

What We Offer:

  • Fully remote work from anywhere in the world.

  • Flexible working hours.

  • Competitive compensation paid in a convenient format.

  • Opportunity to shape the future of analytics in a leading mining pool, with deep exposure to the crypto industry.

If you're ready to take full ownership of the analytics function and drive high-impact decisions in a fast-growing environment, we'd love to hear from you.