📝 DRAFT — Cyber Security Team Manager at Input Output Hong Kong - "IOHK"

Cyber Security Team Manager Input Output Hong Kong - "IOHK" 💼 Tech ⏰ Full Time 🌍 Remote

posted 2158 days ago ✅ 4 applications

About the Job

Founded in 2015 by Charles Hoskinson and Jeremy Wood, IOHK is a technology company committed to using peer-to-peer innovations to provide financial services to the three billion people who don’t have them. We are an engineering company that builds cryptocurrencies and block chains for academic institutions, government entities and corporations. We are a decentralized company that loves small innovative teams forming and executing ideas that cause cascading disruption.

Job Description

We are looking for a talented, specialised Security Manager to join our growing in-house Security team. The prospective candidate will oversee and coordinate the security process, from research to product development, and will be working with internal teams on embedding Security across IOHK’s project line.

The prospective candidate will be expected to assemble a team and work directly with research, engineering and Project Management (BA’s, Test and Quality, Cryptography and management teams throughout the current and future set of projects

The individual should have an excellent understanding of Security requirements in the Development lifecycle and have an excellent and detailed understanding of the threats and risks that need to be addressed in the development life cycle, specifically in the blockchain / cryptocurrency area.

Responsibilities
 Assessment of security requirements to meet control objectives and risk appetite
 Review of solutions to assess security compliance
 Interact with the IOHK research team and oversee compliance - Review of relevant research papers and oversee the compliance of the implementation
 Leading teams to deliver security change in complex distributed applications
 Defining and formally specifying security requirements
 Integrate usability studies, research and market analysis into product requirements to enhance user and platform security
 Establish direction for the team by prioritizing roadmaps and implement strategies for executing, measuring progress, and communicating results against these goals that will advance the organization's productivity through thoughtful technology.
 Mentor, coach, develop and support team members of the Application Security Engineering group.
 Develop strategy for a global, scalable, and optimal set of security solutions to support Security Systems Lifecycle Management
 Partner with key technical teams and stakeholders to organize and facilitate security workflow and process automation alignment discussions
 Serves as a resource to requestors of IT demand and project leaders to educate and assist them with implementing and complying with security requirements and workflow processes
 Create, update, manage and distribute updated security requirements, workflows, roadmaps and their respective detail through various tracking and reporting means.
 Oversee the regular review of current security processes, design and configuration to ensure those adhere to industry best practices, security standards and foster continuous improvement
 Establishes and maintains process governance for security standards across the various engineering-related organizations
 Proactively plans, coordinates and leads detailed training sessions with other security associates and stakeholders to educate on process changes, new tools/systems etc.

Required Qualifications:
 Master’s or PhD degree in Cyber Security
 Demonstrated ability to compose, review, and present scientific documents in the area of cyber-security
 A strong understanding of information and cyber security principles and best practices
 Strong understanding of the security requirements lifecycle process and software development lifecycle (SDLC)
 Proven experience and understanding of security analytics and code audit
 Proven expertise in developing and implementing processes, process integration and process changes
 Ability to develop and nurture strategic relationships with key stakeholders throughout the organizations.
 Experience with the oversight and building working relationships with Managed Security Services providers, as well as other integrated vendors and third parties included in operations.
 Proven experience in leading, organizing, prioritizing and communicating tasks for security engineers.
 Excellent security engineering aptitude and the ability to provide technical mentorship and guidance
 Strong interpersonal and technical presentation skills with the ability to effectively present information and develop others.
 Extensive programming experience, in particular with functional languages
 Working knowledge of the following regulations: PCI, Sarbanes-Oxley, HIPAA, GLBA, FISMA

Desired Qualifications:
 Demonstrated ability to pick up new products and platforms quickly, transferring skills and best practices when needed
 Able to build solid working relationships with peers and senior leadership
 Ability to demonstrate strong written, verbal communication and presentation skills to all levels of seniority and disciplines within the organization
 Flexibility, ability to plan and organize, responsiveness, creativity, self-starter
 Experience with programming in Haskell / Scala

Key competencies
 Deep understanding of Application Security
 Deep technical understanding of blockchain and Cryptocurrency
 Can reason about complex & abstract problems