GRC Operations Specialist

The world of digital assets is accelerating in speed, magnitude, and complexity, opening the door to new ways for leveraging the blockchain. Fireblocks’ platform and network provide the simplest and most secure way for companies to work with digital assets and it trusted by some of the largest financial institutions, banks, globally-recognized brands, and Web3 companies in the world, including BNY Mellon, BNP Paribas, ANZ Bank, Revolut, and thousands more.

We are looking for a passionate and experienced Governance, Risk, and Compliance (GRC) operations specialist to contribute to our company’s efforts in making Fireblocks the most security and trusted provider of digital asset management solutions. This role is critical in driving our day-to-day GRC programs, ensuring they are well maintained, run according to schedule, and align with our business needs.

As the GRC operations specialist, you will oversee the successful implementation and progress of GRC programs, practices, and projects, while collaborating with multiple cross-functional teams within the security department and outside of it.

What You Will Do

• Own, manage, and continuously improve the company’s Third Party Risk Management (TPRM) program, making sure it is both aligned with expected security standards and best practices, and meets business requirements and SLAs.
• Own, manage, and continuously improve the company’s security awareness program, making sure its scope, content, cadence and overall performance are always aligned with the latest and most relevant expectations, while also well received and relevant to the business.
• Manage ongoing operations within the GRC team including project management and tracking, financial planning and reporting, annual and periodic planning, and more.
• Drive ongoing GRC efficiency through innovation, automation, data-driven decision making research and exploration.
• Support and contribute to ongoing GRC operations such as internal and external audits, risk assessments, certification processes, policy management, business continuity program and more.
  
  

• Minimum of 3+ years of experience in cybersecurity or GRC.
• Proven experience in cyber or IT or third party risk management.
• Proven experience in the security awareness domain, including development and implementation of security training programs and their testing (phishing, vishing, social engineering etc.).
• Strong understanding of industry best practices, regulations, frameworks, standards and certifications such as SOC 2, ISO, NIST, CIS, DORA, GDPR, etc.
• Visionary and innovation-driven, capable of implementing security and compliance programs in complex, fast-paced organizations.
• Exceptional communication, collaboration, and interpersonal skills, with the ability to engage both technical and non-technical audiences.
• Strong analytical, problem-solving skills and attention to detail, with the ability to manage multiple projects simultaneously and meet tight deadlines.
  
  

• Experience working with GRC software and utilities such as compliance management, policy management, risk management, vendor management, awareness, training and phishing simulation platforms, etc
• Background in the financial/digital assets sector.
• Good technological understanding and familiarity with product development practices.