Information Security GRC Manager
Built and led by Dmitry Tokarev, a software and financial engineering specialist, the firm provides a comprehensive suite of custody, trading and settlement solutions that reduce counterparty risk and bring greater capital and operational efficiency to digital asset markets. At the heart of Copper's offering is Multi-Party Computation (MPC) technology – the gold standard in secure custody. Copper’s multi-award winning custody system is unique in that it can be connected to centralised exchanges, DeFi applications and even staking pools without the assets leaving the custody.
Built on top of this state-of-the-art custody, ClearLoop™ is the first solution in the market that overcomes a growing industry challenge; counterparty risk with exchanges. This solution underpins a full prime services offering, connecting global exchanges and enabling customers to trade and settle directly from the safety of their MPC-secured wallets. By reducing settlement time for transfers to a few milliseconds (without blockchain network dependency) and offering enhanced security measures, ClearLoop™ is rapidly reshaping the way asset managers trade and manage capital.
In addition to industry-leading security certifications, Copper has one of the strongest insurance coverages in the industry from an A+ rated insurer, positioning the firm as the partner of choice for institutions seeking to safeguard their assets.
The Technical Governance, Risk and Compliance (Tech GRC) manage the non-financial risk management, project management of internal and external assurance programmes, third party risk management, business continuity planning among responsibilities.
We are a flexible function that has a very broad remit across the business, we value adaptability and the ability for individuals to operate in ambiguous situations.
Key Responsibilities of the role
You will be responsible for the Risk Programme, Third Party Risk Management and Cyber Assurance in Copper and you key responsibilities will include:
- Undertaking regular reviews of the Risk Management standards in line with best practices and industry standards. Embedding requirements into key business processes.
- Implementing tools and processes to help automate and streamline all aspects of Risk Management.
- Acting as subject matter expert and advise on the design and implementation of key security controls. Deliver related communications, training, and awareness. Partner with teams across technology and the business to ensure compliance requirements are understood.
- Coordinating engagements with internal and external auditors. Supporting third-party assessments including due diligence activity, compliance questionnaires, vendor assurance, and RFPs.
- Determining and advising the business on appropriate improvements for business processes and controls.
- Conducting assurance testing on control effectiveness and provide recommendations, manage remediations and facilitate discussion on improvements.
- Monitoring and reporting on control gaps, ongoing risks to the business and track using treatment plans.
Your experience, skills and knowledge
- Practical and technical GRC experience in an Information Security GRC position or a role that is focused on policies, standards and frameworks.
- Knowledge and experience of security, industry, and regulatory compliance frameworks and drivers such as NIST, ISO, SOC2, GDPR.
- The ability to identify, analyse and propose mitigating actions for risks in cloud-native environments.
- Experience in training and awareness.
- The skills and experience to explain technical concepts to colleagues in the context of business requirements.
- Knowledge of cryptocurrency and blockchain technologies.
- Strong stakeholder engagement skills, including education around topics such as risk management, and governance.
- Risk Management certifications, Security Certifications (CISA, CISM, CISSP, ISO27001) or other relevant certifications
The benefits offered
- 25 days annual leave a yearin addition to bank holiday entitlement (additional days annual leave, capped at 30days)
- BUPA Private medical care:Individual
- BUPA Private Dental care:Individual
- Pension matched up to 10%
- Home Working Energy Supportsscheme
- Classpass membership
- Unmind membership
In return for everything you can bring to Copper, we can offer you an exciting, challenging role in a fast-growing and dynamic business, with career opportunities and welcoming working environment.
Copper is an equal opportunity employer. We embrace diversity and equal opportunities in a serious way. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be. So, bring us your experience, perspectives, and skills. It is in our differences that we will continue to grow and ensure Copper is transforming how institutional investors engage with digital assets. Copper is a Disability Confident Employer, please let us know if you have a disability. If you require us to provide any assistance during the recruitment process, then we would ask you to highlight this to us and we will be happy to accommodate.
Something looks off?