Hacker News mode
Safe for work mode
👉 Hiring for a Remote position?on the 🏆 #1 Remote Jobs board.
Remote Health by SafetyWing
Global health insurance for remote workers and nomads
IT & Security Leadclosed
💰 $63k - $118k*
This job post is closed and the position is probably filled. Please do not apply. Work for Chorus One and want to re-open this job? Use the edit link in the email when you posted the job! 🤖 Closed by robot after apply link errored w/ code 403 2 months ago
\nChorus One is one of the leading operators of infrastructure for Proof-of-Stake networks and decentralized protocols. Tens of thousands of retail customers and institutions are staking billions in assets through our infrastructure helping to secure protocols and earn rewards. Our mission is to Operate infrastructure for decentralized networks that increase freedom and sovereignty.\n\n\nWe are a diverse team of around 50 people distributed all over the globe. We value radical transparency, striving for excellence and continuous improvement while treating each other with kindness and generosity. If this sounds like you, we'd love to hear from you.\nTo support the company’s growing security needs Chorus One is looking for an IT & Security Lead to join our team. You will be the security and compliance subject matter expert within Chorus One and be responsible for leading compliance projects end to end, from planning phase through execution, closure phase and ongoing monitoring. \n\n \n\n\n\n\n\nYOUR RESPONSIBILITIES AS A SECURITY LEAD\n\n\n* Act as project lead for the implementation of ISO 27001 certification and subsequent certifications arising from business needs, collaborating with teams and stakeholders to ensure successful implementation within a given timeline.\n\n* Work with teams and stakeholders to develop, implement, and maintain information security policies, procedures, and standards to comply with business relevant security standards and frameworks (ISO 27001, SOC 2) as well as relevant legal and regulatory requirements.\n\n* Coordinate vulnerability assessments and penetration tests on network systems and applications (Chorus One’s public APIs).\n\n* Monitor and conduct internal audits of the system environment, policies and procedures. Develop and maintain timelines, roadmaps, and list of required tasks for various teams based on the outcomes.\n\n* Analyze and report on security threats and incidents, triage resolution, and develop controls and strategies to mitigate those risks.\n\n* Research and recommend security solutions to mitigate security risks and improve existing practices and technologies to align with the organization's risk tolerance and ensure regulatory compliance.\n\n* Assist sales in responding to prospect and customer inquiries about Chorus One’s security and compliance posture.\n\n* Administer security and awareness training for the team.\n\n\n\n\nYOUR RESPONSIBILITIES AS AN IT LEAD\n\n\n* Administer and configure our services such as Google Workspace, Slack, Bitwarden, Notion, and SSO integration between them, manage software licenses.\n\n* Provide technical support to our employees and keep our internal knowledge base up to date.\n\n* Provision laptops for new hires (Mac and Linux, Windows to be decided) and maintain an asset register of our corporate devices.\n\n* Work with stakeholders to set processes and policies. For example, set up a BYOD policy, streamline our onboarding flow, etc.\n\n* Adopt processes and tools to ensure that our corporate devices are secure, up to date, and free of malware.\n\n* Researching, proposing, implementing, documenting, testing and supporting new solutions that make our internal IT easier to manage and secure.\n\n* Streamline our retreats to make them inclusive for remote attendants, and manage the AV equipment and other hardware for this. Several times per year we meet physically to present and discuss company plans, but now that we’ve grown to more than 50 people, inevitably some people are unable to attend in person, so they dial in through a video call.\n\n\n\n\n\n\n\n\nWhat we are looking for:\n\n\n* Experience leading and implementing security frameworks, such as ISO 27001, SOC 2, GDPR from start to finish.\n\n* 5+ years of relevant Information Security experience.\n\n* Functional knowledge of security domains and information security industry standard and best practices.\n\n* Proven experience in building and maintaining security policies and controls, processes, and procedures.\n\n* Expertise in security architecture and design, network security, and data protection.\n\n* Ability to identify security threats and vulnerabilities within an organization and develop suitable countermeasures.\n\n* Ability to identify and recommend tools, processes, and software to automate and continuously improve security and compliance practices.\n\n* Strong organizational skills, proactive and self-sufficient with a proven ability to work independently and prioritize deliverables.\n\nStrong communication and interpersonal skills to liaise with stakeholders.\n\n\n\n\n\n* \nExperience with Linux system administration, mostly on the workstation side (e.g. setting up LUKS volumes, user accounts, bootloaders, etc.)\n\n* Experience with Mac system administration.\n\n* Experience with centralized device and account management solutions.\n\n* Knowledge of LDAP and directory servers.\n\n* Strong troubleshooting skills.\n\n* Strong security mindset and knowledge of common attack vectors on the hardware and software level.\n\n* A desire to automate repetitive tasks.\n\n\n\n\nDesirable:\n\n\n* Previous work experience in the crypto space and understanding of blockchain technology and associated risks.\n\nCertifications such as CISSP, CISM, CISA, ISO 27001 Lead Auditor / Implementer or similar.\n\n\n\n\n\n* Prior experience with helping a company grow their IT infrastructure from something that works for ~20 people into something that can handle hundreds of people.\n\n* Experience with Wireguard.\n\n* Experience with Windows system administration.\n\n* Experience with a scripting language such as Python.\n\n\n\n\n\n\n\n\nWhat we offer:\n\n\n* Autonomy and ownership in a friendly and supportive work environment and the opportunity for rapid growth.\n\n* Remote, but not alone. We are a strong global collaborative environment.\n\n* Gather experience and build your network in the crypto ecosystem.\n\n\n\n\n\n* 80,000-110,000 EUR/year compensation + benefits, equity\n\n* All-expense paid quarterly team retreats at various destinations (Coronavirus permitting). Past retreats took place in Greece, Portugal, Egypt, Serbia, Kenya, USA, South Korea, and Dubai.\n\n* Remote working budget (Laptop, co-working space, etc)\n\n* Personal development budget\n\n\n \n\n#Salary and compensation\n No salary data published by company so we estimated salary based on similar jobs related to Crypto, Testing, Video, Legal, Sales and Linux jobs that are similar:\n\n $62,500 — $117,500/year\n \n\n#Location\nRemote job
# How do you apply?\n\nThis job post has been closed by the poster, which means they probably have enough applicants now. Please do not apply.
Recommended remote workers for this job
One year of experience in Customer Support in IBM and two years of experience on Identity and Access...
Steven is a Panamanian born polymath, world traveler, polygon pusher, yogi. His career started aroun...
Digital Marketer with +10 years of experience in marketing, management, customer support, SEO and st...
Security Architect/Engineer trying to help...