About KrakenOur mission is to accelerate the adoption of cryptocurrency so that you and the rest of the world can achieve financial freedom and inclusion. In our first decade, Kraken has risen to become one of the largest, most successful and respected crypto exchanges on the planet.
We are changing the way the world thinks about finance and our range of successful products are playing a critical role in the mainstream adoption of crypto assets. We continue to trail-blaze into new territory with the introduction of Kraken Bank, providing a more seamless integration between crypto and the traditional financial system. This makes us the first crypto company (ever) to be awarded a U.S. state banking charter.
Our diverse group of 2,000+ Krakenites are distributed all over the world as part of our 'remote first' culture, united by a shared passion for delighting customers, upholding crypto values and achieving our meaningful mission. We attract people who push themselves to improve, are radically transparent and think differently in order to unlock their potential.
Crypto is a rapidly evolving industry and we’re just getting started. We’re growing fast and you're invited to join the revolution!
About the roleNow we’re building a new type of regulated bank institution to service both digital assets and traditional financial services--Kraken Bank--Wyoming’s first Special Purpose Depository Institution (SPDI), based in Cheyenne. What is Kraken Bank?
As a member of Kraken Bank, the Information Security Manager will be responsible for assisting with the bank’s overall technical and systems security needs. This person will ensure the bank is adequately protected against threats, both internal and external, as well as architected and operated in compliance with relevant regulations in mind.
The Information Security Manager will report to the Chief Information Security Officer, Special Purpose Depository Institution. This is an exciting opportunity to help develop the information security program for a financial institution at the forefront of a rapidly expanding industry.
While we have a preference for candidates who are local to Wyoming, we are open to considering a fully remote position for the right person.Responsibilities
- Perform technical risk analysis for corporate functional and technical areas relevant to information security.
- Assist with the management of of internal audits and regulatory examinations
- Identify and recommend potential areas where existing data security policies and procedures require change, or where a supplement is required to mitigate key security risks. Partner with various business areas to enhance security policies/procedures.
- Initiate, facilitate, and promote activities to foster information security awareness within the organization, including direct information security training to bank staff as needed.
- Oversee compliance with the organization's security policies and procedures among employees, contractors, alliances and other third parties, manage an information security incident response plan, and take corrective action as necessary.
- Oversee internal control systems, review internal network activity for unusual or inappropriate activity alongside other system access reports, to ensure that appropriate information access levels and security clearances are maintained.
- Monitor advancements in information security technologies as well as, changes in legislation and accreditation standards that affect information security.
- Assist in coordination of projects involving the bank’s systems to ensure that reasonable risk and security objectives are met. Ensure security best practices are identified and integrated into all facets of projects including network, system designs/configuration, and implementations.
- Review and present risk assessments, DR/BCP and GLBA testing schedules and results, and other relevant system and project status updates to the bank’s IT committee, broader management team and Board of Directors, as needed.
Requirements
- Strong knowledge of IT security management systems and frameworks (NIST, FFIEC, ISO, etc.), as well as financial services industry standards and best practices related to banking systems.
- Detailed knowledge of IT/IS risk assessment process, paired with an excellent ability to recognize control weaknesses and opportunities for process oriented or operational improvements and the development of viable risk mitigation strategies.
- Superior ability to assess risk and exercise judgment concerning complex problems, alongside the application of excellent investigative, analytical and problem-solving skills.
- Strong background in modern DevSecOps strategies.
- Detailed knowledge of cloud security.
- Appropriate previous professional experience and