Job Summary
Bitcoin Depot is seeking a Cybersecurity GRC Manager to collaborate with the Bitcoin Depot Infosec team, IT team, and compliance team to manage GRC (governance, risk, and compliance) and to automate and continuously monitor information security controls, exceptions, risks, and testing. As a GRC Manager, you will coordinate and manage internal and external security audits and certifications.
Bitcoin Depot is the largest Bitcoin ATM Network in the world offering users the ability to buy and sell Bitcoin at thousands of BTM and BDCheckout locations.
We are proud to be an Atlanta Journal-Constitution Top Work Place for 2021 and 2022, the inc 5000, and placing on the ACG Georgia Fast 40 list for two consecutive years. Additionally, we recently announced a definitive agreement for becoming a publicly listed company.
Responsibilities:
Support the management of Information Security governance and ensure adherence to Cybersecurity policies and standards.
Work closely with the IT Operations and Compliance team to ensure key Cybersecurity risks and issues are identified, addressed, and resolved in a timely manner.
Manage and review Cybersecurity policies based on NIST 800-53 framework
Manage training and security awareness programs.
Manage and participate in periodic security testing activities (e.g. penetration testing, DR exercises), including training of DR participants on roles and duties.
Manage internal and external audits and certification and security questionnaire responses.
Assist in generating internal and external relevant security metrics and reports for CISO and Cybersecurity Committee
Assist in general Information Security related issues as required, including potential interaction with the Security Operations team, Technology teams, and business stakeholders.
Preferred Qualifications:
3 or more years of Cybersecurity experience.
Recent experience of working in a similar capacity, preferably in a financial services organization.
Experience working within a structured security framework, such as NIST 800-53 or ISO 27001.
Excellent interpersonal skills, comfortable working at all levels within an organization and in a wide variety of situations.
An ability to translate security requirements and standards into easily understood business concepts and vice versa.
Relevant experience with certification/audit (e.g, GDRP, SOC Type I, Type II) is desirable.
Experience working with third-party vendors and reviewing and conducting annual VAQs
Relevant industry certification (e.g. CISSP, CISM, ISO 27001)
Work independently and have excellent communication skills
Experience working with cloud solutions AWS, Azure, and Google cloud
Preferred Certifications:
CISSP Or Equivalent
AWS Certification Practitioner Or Higher
Benefits:
Competitive Salary
401K Matching
Health benefits offered with a company contribution towards premiums
Paid wellness membership
Revenue Sharing Plan
Paid time off
Quarterly company celebrations
Advancement opportunities based on results
Bitcoin Depot provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
