Eu Expert jobs at Fireblocks in Germany, Berlin

fully remote position across Germany.

Reporting line: EU GRC Manager

What you will do

• Manage policies, procedures, and controls to align with EU regulatory requirements, staying up-to-date with the evolving EU regulations.
• Conduct gap analyses and risk assessments to identify areas of improvement in security, operational resilience, and compliance processes.
• Collaborate with internal teams and EU customers to establish EU regulatory required baselines and agree the security requirements and associated security controls.
• Manage requests for evidence relating to key security controls, by working in collaboration with internal and external stakeholders.
• Liaise between key stakeholders and Fireblocks technical communities to articulate security control implementation.
• Dive deep into the Fireblocks control environment to develop domain and technical understanding of our security activities and control implementations to enable these to be articulated to customers and internal/external stakeholders.
• Work across a wide variety of Fireblocks teams to establish and maintain information security documentation.
• Act as an internal auditor for Fireblock’s assurance to EU regulation.
• Support EU customers with security matters including audits, due diligence queries, security questionnaires, etc.,
• Ensure timely identification, assessment, and remediation of risks.
• Educate and train internal teams on DORA, MiCA and other related regulations and compliance standards to foster a culture of awareness and accountability.

Qualifications:

• 2+ years of professional experience in performing technical assessments or audits within a cloud environment, including working knowledge of foundational security principles and industry best practices.
• Demonstrated experience in security, audits, control/risk assessments
• Proven analytical and quantitative skills, and an ability to use data and metrics to back up assumptions, develop detailed reporting and drive process improvements.
• Profound knowledge of EU regulatory frameworks such as DORA, MiCA, GDPR, MaRisk, TIBER-EU etc. Strong understanding of industry best practices, frameworks, standards and certifications such as SOC 2, ISO, NIST, CIS etc.
• Exceptional communication, collaboration, and interpersonal skills, with the ability to engage both technical and non-technical audiences.

Preferred Qualifications:

• Background in the financial/digital assets sector.
• Good technological understanding, familiar with product development practices.
• CISM, CRISC, CISSP or other cyber security management or risk management certifications.