• Locations
    • Remote
    • United States
  • Date Posted
  • Dec. 31, 2021
  • Function
  • IT
  • Sector
  • Fintech

BitPay, Inc., founded in 2011, is the world’s leading blockchain (cryptocurrency) payments company, serving industry-leading merchants on six continents by providing a seamless, secure cryptocurrency payments experience. BitPay builds powerful tools for accepting, storing, and spending cryptocurrency securely.

We are looking for a passionate, driven security leader to join our U.S. team. Reporting to the Chief Operations Officer, the Director of Information Security and Technology will be responsible for leading numerous technology and security initiatives to successful outcomes and ensuring that we protect the integrity, confidentiality, and availability of information and systems that are owned, controlled or processed by the Company.  Additionally, this leader will be responsible for managing the IT staff as well as establishing and maintaining best practices in information technology, asset management, and internal network management in support of our organization.

Responsibilities

  • The below represents the primary responsibilities of the position. Other duties may be assigned as needed.
  • Work closely with Chief Technology Officer, Chief Compliance Officer, and other executive leaders to develop and enhance the overall information security program, with a specific focus on engineering and architecture, threat management, identity and access management, and vendor management
  • Own tactical execution of strategic direction and vision of the information security program
  • Analyze business needs and priorities for protection of critical systems and data
  • Develop and maintain security metrics and KPIs
  • Draft information security program policies and procedures to ensure compliance with best practices and regulatory requirements
  • Manage expectations of our leadership, customers, and employees
  • Direct and oversee information governance activities, including SOC 2 audits, cybersecurity risk assessments, program enhancements, etc.
  • Lead information security-related committees
  • Manage incident response program, including business continuity/disaster recovery program and security incident preparedness
  • Represent the company in discussions with auditors and regulators
  • Manage security vendor / supplier relationships
  • Manage a small staff of information technology and security professionals, hire and train new staff, conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members
  • Manage expenses and budgets for information technology department, including security investments; build and present credible business cases for security initiatives and investments or other IT related initiatives
  • Lead training and awareness efforts across the organization and build a culture of compliance around information security and data privacy
  • Continuously monitor trends to anticipate and plan for information security risks
  • Provide positive and collaborative leadership to all departments (e.g., sales, engineering, product management, legal, compliance, finance, customer success)

Requirements:

  • 8+ years of hands-on, technical security experience, with 4+ years in a role leading teams/programs
  • BS or MS in Computer Science, Computer Security, Computer Engineering, or other technology-related field
  • Experience working with global, cross-functional teams
  • Experience leading security compliance projects (e.g., SOC 2 audits, cybersecurity risk assessments)
  • Working knowledge of systems architecture and implementations (Enterprise, Cloud, Hybrid Cloud, DevOps)
  • Knowledge of security standards / frameworks (e.g., ISO 27001, SSAE-18, NIST, etc.)
  • Knowledge of applicable laws and regulations (e.g., SOX, GLBA, etc.)
  • Excellent oral and written communication skills
  • Ability to thrive in a fast-paced, collaborative environment
  • Strong organizational and time management skills, including demonstrated ability managing teams and establishing goals and priorities
  • Able to work remotely and collaborate with colleagues in different time zones

Preferred:

  • Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) Certification
  • Experience in the crypto industry
  • Experience working at a fintech company with payments industry experience a plus
  • Experience working at an audit and / or advisory services firm
  • Located in the Southeastern region of the U.S.

What we offer:

  • Work with an extraordinary team of smart, fun, and highly motivated people
  • An exciting, fast-growing tech company with a global presence where you can solve complex problems and make an impact every day
  • Awesome learning and growth opportunities with professional development reimbursement
  • A competitive salary with comprehensive benefits including fully paid medical and dental employee plans, telemedicine, life insurance, disability insurance, vision coverage, 401k, travel assistance, and more!
  • Option to be paid in bitcoin and enjoy a bitcoin match program
  • Everyone is eligible for annual stock option awards
  • Generous time off including a sabbatical and the opportunity to choose your own holidays
  • Home office allowance, internet/cell reimbursement, free Amazon Prime and Spotify
  • A remote-first company, with the option to work in our Alpharetta office in the beautiful, walkable restaurant/shopping district of Avalon