Senior Information Security Governance Manager

Binance is a leading global blockchain ecosystem behind the world’s largest cryptocurrency exchange by trading volume and registered users. We are trusted by over 250 million people in 100+ countries for our industry-leading security, user fund transparency, trading engine speed, deep liquidity, and an unmatched portfolio of digital-asset products. Binance offerings range from trading and finance to education, research, payments, institutional services, Web3 features, and more. We leverage the power of digital assets and blockchain to build an inclusive financial ecosystem to advance the freedom of money and improve financial access for people around the world.

**Responsibilities**:

- Support the delivery of global security governance and compliance strategies.
- Manage and maintain a security compliance framework across global entities that can align to Binance’s compliance and Internal audits requirements.
- Develop, manage and maintain effective information security policies, processes, standards and procedures.
- Lead and support ISO 27001, PCI-DSS, SOC 2 Type 1/2 and other security compliance projects.
- Develop maturity model and track of information security controls.
- Internal first point of contact for general security enquiries. Proactively approach and support internal stakeholders across global entities.
- Establish and maintain global security governance and compliance process.
- Respond security questionnaire from internal/external security audit and organize/document the common answers and approaches for future audits.
- Facilitate security risk management within the business units.
- Establish and maintain information risk metrics to highlight information assets that have the highest risk exposure.
- Conduct regular review of remediation actions and reporting to business and technology senior management.

**Requirements**:

- Bachelor's degree or higher in information technology, cyber security or related field.
- 5+ years of experience in a security governance role.
- Strong leadership and excellent communication skills.
- Understanding of Information Risk, security control, data privacy related regulations (e.g. CCPA, SG PDPA, EU GDPR, China Cybersecurity law) within the financial services and banking industry.
- Strong knowledge and practical working experiences in delivering global projects of international data privacy and information security frameworks including NIST Cybersecurity & Privacy Framework, ISO 27001, ISO 27701, CIS, SOC 2 Type 1/2 Report, PCI-DSS and ISAE 3000.
- Demonstrable work experience delivering effective business and technical security solutions, processes, tools, and high performing teams.
- A good working knowledge of the latest information technology security trends and emerging threats is essential.
- Experience of implementing risk management principles and methodologies within a security or technology function.
- Good project management experience and skills.
- Strong analytical and problem-solving skills are must have.
- Having one of below security or privacy qualification is a plus - CISSP, CISM, CISA, CEH, SANS, CCSP, ISO 27001 Lead Auditor, IAPP CIPP / CIPM.
- An understanding of cloud infrastructure technologies and associated risks would be beneficial.

**Why Binance**
- Shape the future with the world’s leading blockchain ecosystem
- Collaborate with world-class talent in a user-centric global organization with a flat structure
- Tackle unique, fast-paced projects with autonomy in an innovative environment
- Thrive in a results-driven workplace with opportunities for career growth and continuous learning
- Competitive salary and company benefits
- Work-from-home arrangement (the arrangement may vary depending on the work nature of the business team)

Binance is committed to being an equal opportunity employer. We believe that having a diverse workforce is fundamental to our success.