About the Role

We are looking for a passionate and experienced EU Governance, Risk, and Compliance (GRC) expert to lead our company’s efforts in aligning with the Digital Operational Resilience Act (DORA) and Markets in Crypto-Assets Regulation (MiCA) in the European Union. This role is critical in driving our security and compliance programs, ensuring they not only meet regulatory standards but also enhance trust and confidence among our customers and stakeholders.

As the EU GRC Manager, you will spearhead the implementation of security frameworks that align with DORA and MiCA, act as the primary liaison with our European customers on compliance matters, and collaborate with cross-functional teams to embed regulatory compliance into our operations.

Reporting line: GRC Director

What you will do

• Lead the development and execution of the company’s compliance strategy for DORA and MiCA regulations.
• Conduct gap analyses and risk assessments to identify areas of improvement in security, operational resilience, and compliance processes.
• Develop and maintain policies, procedures, and controls to align with EU regulatory requirements.
• Act as a primary point of contact for EU customers on security matters and manage operations related to EU customer audits, due diligence queries, security questionnaires, etc., while demonstrating our commitment to regulatory adherence and security excellence.
• Collaborate with internal teams to ensure compliance initiatives are seamlessly integrated into business processes.
• Ensure timely identification, assessment, and remediation of risks to maintain continuous alignment with regulatory requirements.
• Stay up to date with the evolving EU regulatory landscape, constantly research and explore various approaches and solutions in the market, and provide proactive insights to the business.
• Educate and train internal teams on DORA, MiCA and other related regulations and compliance standards to foster a culture of awareness and accountability.
• Plan an annual work program and budget, including internal and external activities, events, training, development, etc.
• Report to senior and executive management within Fireblocks to ensure alignment with business objectives.

 Qualifications:

• Minimum of 8+ years of experience in cybersecurity or GRC, with at least 5 years experience in EU regulations in a senior role.
• Proven experience in understanding and navigating security and GRC programs, working with various legal, compliance, GRC and security teams both externally with customers and internally.
• In-depth knowledge of EU regulatory frameworks such as DORA, MiCA, GDPR, MaRisk, TIBER-EU etc.
• Strong understanding of industry best practices, frameworks, standards and certifications such as SOC 2, ISO, NIST, CIS etc.
• Visionary and innovation-driven, capable of driving and executing security and compliance programs in complex, fast-paced organizations.
• Exceptional communication, collaboration, and interpersonal skills, with the ability to engage both technical and non-technical audiences.
• Strong analytical and problem-solving skills, with the ability to manage multiple projects simultaneously and meet tight deadlines.

Preferred Qualifications:

• Background in the financial/digital assets sector.
• Good technological understanding and familiarity with product development practices.
• CISM, CRISC, CISSP or other cyber security management or risk management certifications.