Head of Information Security

Position Overview

As the Head of Information Security at Blockdaemon, you will lead the charge in protecting our assets, infrastructure, and data from evolving cybersecurity threats. The successful candidate will be an experienced security practitioner with in-depth knowledge of modern Security and Risk Management practices, possessing a track record of effectively collaborating with engineers, developers, and other stakeholders across the organization with the goal of constant improvement of the overall security posture of the organization. Your technical expertise will be crucial in ensuring the confidentiality, integrity and availability of our systems and data, while also fostering a culture of security mindfulness across the organization.

Your Impact

• Strategic Leadership and Vision: Craft and execute a forward-thinking security strategy that aligns with our company's goals, with a focus on reducing our Information Security risks.
• Product and Application Security: Organically embed security throughout the SDLC, from design to deployment, ensuring our products and applications are built to the highest security standards.
• Cloud Infrastructure Security: Ensure the security of our cloud-based systems and databases through the design and implementation of robust security architectures and procedures.
• Patch and Vulnerability Management: Establish a proactive vulnerability management program to identify, assess, and remediate vulnerabilities across all platforms and applications.
• Security Operations and Incident Response: Develop and manage a security operations center (SOC) that monitors, detects, and responds to cybersecurity incidents in a timely and effective manner.
• Customer Trust & Security Assurance: Develop collateral materials to support our external-facing security posture and respond to security questionnaires.
• Compliance and Governance: Lead efforts to achieve and maintain compliance with relevant standards (ISO 27001, SOC 2, GDPR), including the development of compliance check routines and the management of IT policies and procedures.
• Training and Awareness: Cultivate a culture of security awareness across the company through comprehensive training programs and regular communications on security best practices and threats.
• Team Leadership and Development: Build and lead a high-performing security team, providing mentorship, setting clear objectives, and fostering a culture of innovation and continuous improvement.
• Vendor and Third-Party Management: Manage relationships with external vendors and service providers, ensuring they meet our security standards and contribute to our overall security posture.
• Security Audits and Assessments: Conduct regular security audits and risk assessments to identify and mitigate potential security gaps.

Role Requirements

• Based in Ireland (Dublin or surrounding area preferred)
• Proven track record in a leadership role within Information Security and Compliance, preferably in a business with 200 - 1000 people.
• Ability to develop and implement comprehensive cybersecurity strategies and policies.
• Deep understanding of and experience with ISO 27001, SOC 2, and GDPR compliance frameworks.
• Solid grasp of security protocols and standards, encryption technologies, cloud infrastructure and application security, and the cybersecurity landscape as it pertains to blockchain technologies.
• Exceptional communication abilities, capable of effectively articulating security risks and strategies to stakeholders at all levels, successfully managing competing priorities between Information Security requirements and business goals.
• Demonstrated leadership skills with the ability to manage, mentor, and grow a security team.

Nice-to-haves:

• Experience or an interest working within web3 or blockchain technology preferred.
• Experience working within a startup environment, preferably within SaaS / tech.