Information Security Analyst

- Act as the integrated security partner for Digital Assets teams, ensuring alignment between security needs and business goals. - Convert enterprise cybersecurity policies into actionable guidelines for digital asset initiatives. - Engage in project planning and architecture reviews to maintain secure design and compliance. - Assist in processes for risk exception, acceptance, and mitigation. - Direct comprehensive cybersecurity risk assessments for digital asset products and vendors. - Analyze risks associated with private key management, wallet operations, and blockchain transactions. - Document identified risks, recommend effective controls, and oversee remediation. - Manage the security risk lifecycle for digital asset vendors from assessment to ongoing surveillance. - Evaluate vendors cybersecurity documentation, including SOC 2 reports and penetration tests. - Ensure vendors comply with obligations related to data protection and regulatory standards. - Promote security awareness by educating teams on cybersecurity policies and practices. - Design training and guidance specifically for crypto security matters. - Prepare and facilitate both internal and external audit procedures. - Verify that controls are operating effectively and that documentation is thorough. - Support compliance with various regulatory expectations such as SEC and FINRA. - Collaborate with Cyber Operations for incident preparedness specific to cryptocurrency. - Contribute to the development of incident response playbooks relevant to the crypto space. - Create reports focusing on risk exposure, vendor status, and audit results for leadership review.