Lead, Security Grc

**GRC Security at Coinbase
Coinbase stores more digital currency than any company in the world, making us a prime target on the internet. Security is core to our mission and has been a key competitive differentiator for us as we scale worldwide. Crucial to scaling is building and running a security compliance program that reflects how we protect the data and assets in our care, to open the doors with customers, regulators, auditors, and other external stakeholders. If you love working with fast paced companies to build security compliance engines from the ground up and create positive change across the business, we’d like to speak with you about joining our team.

We are looking for our first Security Governance, Risk, and Compliance Lead for the India market based in Singapore where the team sits. Your role includes: building a team to support ongoing business demands and continued expansion in India while coordinating with APAC and Global peers and to collaborate with teams across the company to design, understand, and meet our security and technology requirements.

**What you’ll be doing (ie. job duties)**:

- Build and support ongoing India security and technology GRC activities and facilitate company growth / expansion into new products, aligned with APAC and Global strategy
- Work closely with other Security GRC members in APAC and Global locations
- Build and manage international security governance framework and its implementation across regulated Coinbase Entities within india.
- Establish and execute quarterly, annual security GRC objectives for Coinbase India and develop and execute program maturity models for continuous program improvements.
- Monitor evolution and changes in India and international security standards and guidance, advise team and stakeholders on impact
- Drive compliance with India legal and regulatory requirements
- Serve as one of the primary security touchpoints with Indian regulatory bodies
- Lead senior management engagement with key stakeholders within India and Coinbase Global Security
- Partner with your global Security colleagues to create culture change and ensure security best practices company wide are reflected in Coinbase US and International activities

**What we look for in you (ie. job requirements)**:

- 10+ years of experience in security or technology governance, risk, or compliance with experience leading and/or building a team of Full Time employees and when required contractor support.
- 5+ years of experience working within Financial Services or FinTech
- Track record of implementing security standards or frameworks including at least three of the following: ISO 27001, ICT and Security Guidelines, SOC 2,, NIST CSF, NIST 800-53, PCI
- Experience reporting security GRC posture to senior stakeholders
- Prior experience working closely with auditors and/or external regulators
- Ability to navigate ambiguity and are energized by bringing order to lots of moving parts
- Ability to partner with cross-functional teams: Product Engineering, Enterprise Risk, Legal, Data Governance, Customer Experience and Compliance, previous experience working with various global sites to implement coordinated efforts.
- Outstanding communication and writing skills that enable you to proactively build relationships, inform others, and clearly explain security requirements to any team

**Nice to haves**:

- _Knowledge of AWS environments and services _
- _Experience working with or for fintech or financial services _
- _Experience implementing and/or working in a GRC tool such as Archer or Metricstream _
- One of more of the following certifications: CISSP, CISM, CISA, CRISC, or other relevant certifications
- Experience working within Cloud native environments
- Experience working with regulators