Security Risk Management & Supplier Assurance

Company: Ledger
Location: Paris, Texas, United States
Type: Full-time
Posted: 13.AUG.2021

Founded in 2014, Ledger is a leader in security and infrastructure solutions for cryptocurrencies and blockchain applications. Headquartered in Paris, London, Singapore, Vierzon and New York, Ledger has a team of 300+ professionals developing a variety of products and services to safeguard cryptocurrency assets for individuals and companies - including the Ledger hardware wallets line already sold in 165 countries.

Working with internal stakeholders, external consultants and Ledger suppliers to ensure that all suppliers are assessed or on-boarded with appropriate due diligence or security maturity identification. Assist with supporting activities including PMO functions and remediation.

This role is for a well-rounded and experienced Risk Management professional covering supplier assurance, 3rd party risk assessment as well as responding to requests from customers for review of Ledger's own risk management practices and procedures. The role will focus not only on data risk management, but broader associated risk topics. The role will focus on providing a clear line of sight between effective due diligence of a supplier and financial loss or reputational damage. Reporting to the VP Security Governance, Risk and Compliance and working closely with Legal, Procurement, Data Protection and Business Continuity functions, this role will help expand existing risk management frameworks and practices.

Key Responsibilities

- Working individually or as part of a project team to provide supplier data security advice and guidance
- Provide subject matter expertise on all new supplier on-boarding activities including due diligence testing and security schedule contract negotiation
- Perform on-site Third-Party Security Assessment (TPSA) assessments of all critical suppliers that transmit, process or store Ledger data
- Work with existing and new suppliers to confirm exit strategy, data retention and data return measures
- Assist with back-office functions and activities including TPSA scheduling, PMO, reporting and remediation tracking
- Assist in a continuous improvement regime
- To work collaboratively with teams from other disciplines within Ledger and with the supplier(s)
- Manage concurrent complex activities to short timescales
- Ability to work under pressure to deliver good quality assessment reports
- Timeliness of responding to supplier queries
- Delivery of new supplier on-boarding completion
- Delivery of on-site Third Party Security Assessment (TPSA) reports
- Delivery of key MI to support the reporting function across markets
- Be prepared to travel for assessments (includes international) - between 30-40%

Qualifications

- A recognised security certification such as CISSP, CISA or CISM is desirable but not essential

Skills/Knowledge/Experience

- In-depth experience in an information security related role
- Good knowledge of all domains within security, e.g. BCM, Physical, GDPR / Data Protection, Cloud, Security Management
- Ability to explain technically complex concepts to non-technical stakeholders and suppliers
- Experience of conducting high level assessments and deep dive multi-day assessments or audits
- Ability to produce high quality audit or assessment reports
- Experience of conducting contractual mark-up and negotiation with suppliers
- Ability to provide PMO and reporting activity in support of a broader function
- Good communication, influencing and negotiation skills
- Experience in a similar role for a complex global organisation (insurance or financial services sector preferred but not essential)
- Previous experience with Archer or other similar tools advantageous but not essential

Benefits

- Competitive compensation package and ESOP according to the Company policy
- Flexible working hours, remote-friendly environment
- Strong focus on personal development including internal/external trainings and attendance to conferences
- Internal talks, technical meetups and hackathons
- High performance office equipment
- Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
- Meal Vouchers with Swile (ex Lunchr)
- Annual company outing for Ledgerdary Days plus infrequent parties, snacks and drinks
- Employee discount on Ledger products

Ledger guarantees equity for all during the recruitment process, without any distinction of gender, ethnicity, religion, sexual orientation, social status, disability or age.
