VP, IT Risk and Control Manager

Job Description

Galaxy is seeking an experienced IT Risk and Control Manager for their London-based team. This role is crucial for ensuring the company's compliance as a regulated Virtual Asset Service Provider (VASP).

What This Role Involves:

• Monitoring and testing IT controls for effectiveness.
• Maintaining oversight of internal audit findings and risk action plans.
• Ensuring alignment with group-wide IT governance standards and policies.
• Ensuring adherence to UK and EU laws and regulations.
• Supporting regulatory submissions and requests from UK authorities.
• Executing third-party cybersecurity risk assessments and onboarding due diligence.
• Maintaining the third-party risk inventory and ensuring periodic reviews.
• Maintaining IT and cyber policies in line with industry and regulatory expectations.
• Leading awareness initiatives for secure technology practices and incident response preparedness.

Requirements:

• Minimum 10 years’ experience in IT risk, cybersecurity governance, or technology audit in financial services or crypto/digital assets.
• Strong knowledge of UK, EU, and US cybersecurity regulatory requirements.
• Demonstrated success leading risk assessments and compliance audits.
• Experience with IT GRC tools.
• Strong analytical, communication, and stakeholder management skills.
• Relevant certifications: CISA, CISSP, CRISC, or CISM (Bonus).
• Experience working within a regulated crypto exchange or fintech (Bonus).
• Understanding of blockchain, DeFi, custody models, and wallet technologies (Bonus).

What Galaxy Offers:

• Competitive base salary and discretionary bonus.
• Company-paid health and protective benefits.
• Free virtual coaching and counseling sessions.
• Opportunities to learn about the Crypto industry.
• Smart, entrepreneurial, and fun colleagues.
• Employee Resource Groups.