Information Security Officer

at  Binance

Binance is the leading global blockchain ecosystem and cryptocurrency infrastructure provider whose suite of financial products includes the world’s largest digital-asset exchange.
Our mission is to accelerate cryptocurrency adoption and increase the freedom of money.
If you’re looking for a fast-paced, mission-driven organization where opportunities to learn and excel are endless, then Binance is the place for you.

REQUIREMENTS:

• Proven track record of working in international companies, with experience in cybersecurity within a regulatory context.
• A combination of senior management experience and deep cybersecurity expertise is mandatory.
• Active contributor to the security community through published materials or participation in international conferences.
• Demonstrable experience working in a global team within a rich, multicultural, and fast-paced environment.
• 10+ years of experience in security and technology compliance within the finance sector.
• Bachelor’s degree or higher in information technology, cybersecurity, or a related field.
• Proven track record of self-motivated leadership, with excellent communication and listening skills.
• Proven experience in directly managing cybersecurity operations and actively contributing to their implementation.
• Hands-on experience in delivering global projects involving international data privacy and information security frameworks, including NIST Cybersecurity & Privacy Framework, ISO 27001, ISO 27701, CIS, PASSI audits, and PCI-DSS.
• A commitment to excellence by default, with a passion for collaboration and team achievement.
• Demonstrable experience in delivering effective business and technical security solutions, processes, tools, and project management within high-performing teams.
• A strong passion for the latest cybersecurity trends and emerging threats is essential.
• Mandatory experience in engaging directly with regulatory bodies and implementing their recommendations.
• ISO 27001 Lead Auditor, and/or certifications from ISC2, ISACA, GIAC, PASSI are a plus.
• Fluency in English is essential, French would be beneficial.
• Luxembourg based.

• Oversee and actively participate in the establishment, implementation, and refinement of the IT security function and framework for the Binance platform in Luxembourg.
• Manage outsourced suppliers, ensuring their compliance with our security standards through active involvement.
• Conduct and engage in Security Risk Management with all stakeholders according to Security Risk Management Frameworks.
• Serve as the accountable Senior Manager for the Security function for Binance in Luxembourg.
• Work as part of the three lines of defense model to ensure the security of funds, data, and systems.
• Ensure all security obligations for governance, regulatory, and compliance matters are met.
• Take an active role in delivering Security Risk Management as part of the management team and Board of Directors.
• Advise and be directly involved in the annual IT audit plan and other internal and external audits related to Security Risk Management.
• Drive cyber security assessments and penetration tests as per the PASSI testing framework.
• Lead hands-on IT security risk management for new projects and any integration with third-party vendors.
• Ensure all third-party integrations adhere to required security standards, including but not limited to SLA in contractual agreements.
• Manage the local security effort and contribute to the continual improvement of the global department.
• Be accountable for hands-on security incident management, including prompt reporting to senior management and other teams.
• Work with the Risk Function to ensure effective and adequate Business Continuity Plans.
• Oversee day-to-day Security Risk Management and reporting to the Luxembourg executive leadership teams.
• Facilitate internal and external audits, penetration testing, and all regulatory compliance obligations to ensure they are continually met and reported to global and local stakeholders.