Infrastructure Protection: Plan, design, and build, run cybersecurity frameworks specifically for virtual asset trading and management platforms.
Blockchain Security: Implement protocols for hot/cold wallet management, private key protection, and smart contract security audits.
Regulatory Compliance: Ensure the firm meets local standards (e.g., SFC guidelines or HKMA circulars) and international frameworks like ISO/IEC 27001 and NIST CSF.
Incident Response: Lead the defense against cyber threats and manage real-time responses to security breaches or unauthorized asset transfers.
Vulnerability Management: Conduct regular penetration testing and vulnerability assessments on the digital asset custody system.
Governance: Formulate and enforce internal security policies tailored to the high-risk nature of virtual asset exchanges.
Requirements:
Education: Bachelor’s degree in IT, Computer Science, or Cyber Security.
Experience: Typically 5 – 8+ years in information security, with specialized experience in blockchain/virtual asset security or fintech.
Certifications: Industry – standard credentials such as CISSP, CISM, or CISA are highly preferred, but not a must.
Technical Depth: Expertise in cloud infrastructure security (AWS/Azure), cryptography, and security monitoring tools like SIEM, PAM, IAM or EDR.
Soft Skills: Ability to translate complex technical risks to C-suite stakeholders and lead cross-functional teams.