Senior Cyber Security Manager / CISO
Who we are
PowerTrade is a fast growing crypto trading platform for trading crypto options and other crypto derivatives. Our Android and iOS Apps are live in the respective App Stores, and offer a mobile- first trading experience that’s designed to be simple, fast and focused on trader success.
Our community is what keeps us focussed and dedicated to delivering our best. PowerTrade not only offers a mobile-first crypto options platform, but has also designed the PTF DAO token which governs a treasury covering traders in black-swan events. We want traders to be successful and do everything we can to educate and inform the trading community of opportunities in crypto.
- Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program
- Work directly with the business units to facilitate risk assessment and risk management processes
- Develop and enhance an information security management system (ISMS) and framework.
- Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems, and services
- Provide leadership to the enterprise's information security organization
- Partner with business stakeholders across the company to raise awareness of risk management concerns
- Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems
- Assist the Development team to implement and follow Cyber Security standards and best practices.
- Participate in cloud security projects, including Azure and AWS.
- Manage day-to-day tasks for cloud security, DAST/SAST, and SIEM tools.
- Lead the Incident Response effort, develop and enhance guidelines and procedures.
- Operate within modern security solutions such as next-generation AV/EDR, and email security solutions.
- Maintain an up-to-date understanding of the latest threats, vulnerabilities, mitigation, and industry best practices.
- Participate in the security review of in-house developed web, mobile, and desktop applications.
- Manage web, API, and infrastructure penetration tests including static code analysis and dynamic manual and automated testing.
- Conduct network remote scans of internal and external asset infrastructure.
Our Ideal Candidate
- At least eight years of professional experience in one of the areas: Security Engineering, SIEM, or Incident Response.
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST.
- Experience in the following areas: web/API/infrastructure penetration testing, network security, network scanning.
- Experience with IT security tools such as Burp Suite Professional, Nessus/Tenable IO, nmap, SAST tools.
- Experience with Atlassian Confluence, JIRA, OpsGenie, IT Service Management (ITSM), Git.
- Experience with cloud systems and the integration of cloud security tools.
- Specific experience in Agile (scaled) software development or other best-in-class development practices.
- Any certifications: OSCP, OSCE, OSWP, eWAPTX, eMAPT, Azure, or AWS.
- ISO/IEC 27001 Certification will be considered a huge plus.
- Knowledge of computer networking protocols: TCP, TLS, HTTP, etc.
- Knowledge of OWASP Top 10, OWASP ASVS.
- Knowledge of blockchain.
- Advanced problem-solving skills.
- Excellent written and verbal communication skills and a high level of personal integrity
Think you're a good fit for the role?
If you share our values and our enthusiasm for crypto and trading and you’re up for the challenge of working remotely for a distributed team, we would love to hear from you and explore the value you can add to our team.
Visit our website at https://power.trade/ or find us on Twitter, Facebook, and LinkedIn.