Identity Privileged Access Control Manager, Bulgaria
Sofia, Bulgaria
Security – Application Security /
Full-time /
Hybrid
The Cybersecurity and Data Privacy team reports directly under the office of the CISO headed by Chief Information Security Officer (CISO) Jason Lau (https://www.linkedin.com/in/jasonciso/) who has over 23+ years of experience in the cybersecurity space, awarded Global Top 100 CISO, and also serves on the World Economic Forum, International Association of Privacy Professionals and more. The team comprises of multiple functions from Blockchain Security, Operational Security, Security Governance and Compliance and more. We drive a culture of having a growth mindset and being humble to help everyone achieve their potential. Security and Data Privacy Compliance first strategy which has been at the core of our company. The security team helped to drive us to be the first Crypto company worldwide to achieve ISO27001, ISO27701, ISO22301 and PCI:DSS 3.2.1 (Level 1) certifications. Extremely detailed third party attested by international audit firm SGS and achieved "Adaptive (Tier 4)" – the highest level possible for the US National Institute of Standards and Technology (NIST) Cybersecurity Framework and the latest NIST Privacy Framework as well as SOC2 and many other regional certifications like the Data Protection Trust Mark.
About The Role
The Identity Security Team at Crypto.com team protects our data and the privacy of our customers seriously. Prevents identity risk events through effective and proactive management of cyber security, privacy, and operational risk.
The Identity and Access Management Services team is responsible for managing the Services and Controls that deliver stable and efficient Identity & Access services to Crypto.com, The IAM services and controls are key to the group as they provide the Right People are provided the Right Access to the Right Resources with the Right Audit trails.
Technologies: Microsoft Azure (Entra ID), Okta, AWS, IaC (Terraform), and any other IAM technologies is plus.
Responsibilities:
- Deliver control management, ensuring services are maturing and evolving along with the Business risks so that the organization is adequately defended against identified threats, risky access paths, and/or inappropriate access;
- Proactively manage risk, internal, and external audit obligations and responsibilities, in line with the group's operational risk management framework;
- Tracking open issues to ensure timely completion, and coordinate review, investigation, and remediation;
- Forge strong relationships with business stakeholders, project teams, and operational teams;
- Working with Service Managers and other key stakeholders across the Group to ensure that service design is fit for purpose to meet the control objectives;
Requirements:
- 3-5 years of experience with cloud operations, any identity-related tooling platforms, and understanding of identity protocols. Previous experience in a risk-related role, with a deep understanding of IT security-related risks and audit processes;
- Degree in Computer Science or Engineering or Information Technology or similar discipline;
- Technical and Industry certification i.e. (AWS, Azure, CISSP);
- Strong understanding of Identity Cloud Infrastructure. Azure-Native and AWS Services;
- Experience with AWS and Azure Infrastructure as Code (IaC) methodologies;
- Experience in deploying in various cloud technologies (Azure, Google, Amazon);
- Strong understanding of Authentication and Authorisation Protocols;
- Good working knowledge of application, and infra-integration patterns;
- Scripting skills with PowerShell and/or Python is an advantage;
- Good working knowledge of security monitoring and logging tools;
- Proven track record and experience of project deliveries;
- Experience in organizational change management;
- Strong ability to collaborate with cross-functional teams and external partners;
- Excellent communication skills to interact effectively with stakeholders;
- Self-sufficient and have good time management skills;
- Demonstrate attention to detail with an analytical mindset;
- Proficient written communication skills in English;
Life @ Crypto.com
Empowered to think big. Try new opportunities while working with a talented, ambitious and supportive team.
Transformational and proactive working environment. Elevate employees to find thoughtful and innovative solutions.
Growth from within. We help to develop new skill-sets that would impact the shaping of your personal and professional growth.
Work Culture. Our colleagues are some of the best in the industry; we are all here to help and support one another.
One cohesive team. Engage stakeholders to achieve our ultimate goal - Cryptocurrency in every wallet.
Are you ready to kickstart your future with us?
Benefits
Competitive salary
Medical insurance package with extended coverage to dependents
Attractive annual leave entitlement including: birthday, work anniversary
Work Flexibility Adoption. Flexi-work hour and hybrid or remote set-up
Aspire career alternatives through us. Our internal mobility program can offer employees a diverse scope.
Our Crypto.com benefits packages vary depending on region requirements, you can learn more from our talent acquisition team.
About Crypto.com:
Founded in 2016, Crypto.com serves more than 80 million customers and is the world's fastest growing global cryptocurrency platform. Our vision is simple: Cryptocurrency in Every Wallet™. Built on a foundation of security, privacy, and compliance, Crypto.com is committed to accelerating the adoption of cryptocurrency through innovation and empowering the next generation of builders, creators, and entrepreneurs to develop a fairer and more equitable digital ecosystem.
Crypto.com is an equal opportunities employer and we are committed to creating an environment where opportunities are presented to everyone in a fair and transparent way. Crypto.com values diversity and inclusion, seeking candidates with a variety of backgrounds, perspectives, and skills that complement and strengthen our team.
Personal data provided by applicants will be used for recruitment purposes only.
Please note that only shortlisted candidates will be contacted.
