Search...

GRC Expert

Castle Island Ventures logo
Castle Island Ventures

Castle Island Ventures is a venture capital firm focused exclusively on public blockchains, investing in early-stage companies at the intersection of traditional finance and public blockchains.

Distributed
About Castle Island Ventures

Castle Island Ventures is a venture capital firm focused exclusively on public blockchains. Their mission is to support entrepreneurs building the infrastructure and application companies required to help transformative blockchain protocols reach their full potential. They describe their focus as 'accelerating frictionless finance,' investing in early-stage companies operating at the intersection of traditional finance and public blockchains. The firm also produces a podcast and newsletter covering topics in this space, and maintains a portfolio of companies whose open roles are listed on their jobs board.

View jobs by Castle Island Ventures

Skills

About the Role

You will spearhead the implementation of security frameworks that align with DORA and MiCA, act as the primary liaison with European customers on compliance matters, and collaborate with cross-functional teams to embed regulatory compliance into operations. You'll lead the development and execution of the compliance strategy, conduct gap analyses and risk assessments, and maintain policies, procedures, and controls that align with EU regulatory requirements. You'll also manage EU customer audits, due diligence queries, and security questionnaires, while educating internal teams on evolving regulations and reporting to senior management to ensure alignment with business objectives.

Requirements

  • Minimum of 8+ years of experience in cybersecurity or GRC, with at least 5 years experience in EU regulations in a senior role
  • Proven experience in understanding and navigating security and GRC programs, working with various legal, compliance, GRC and security teams both externally with customers and internally
  • In-depth knowledge of EU regulatory frameworks such as DORA, MiCA, GDPR, MaRisk, TIBER-EU
  • Strong understanding of industry best practices, frameworks, standards and certifications such as SOC 2, ISO, NIST, CIS
  • Visionary and innovation-driven, capable of driving and executing security and compliance programs in complex, fast-paced organizations
  • Exceptional communication, collaboration, and interpersonal skills, with the ability to engage both technical and non-technical audiences
  • Strong analytical and problem-solving skills, with the ability to manage multiple projects simultaneously and meet tight deadlines
  • Background in the financial/digital assets sector
  • Good technological understanding and familiarity with product development practices
  • CISM, CRISC, CISSP or other cyber security management or risk management certifications

Responsibilities

  • Lead the development and execution of the company's compliance strategy for DORA and MiCA regulations
  • Conduct gap analyses and risk assessments to identify areas of improvement in security, operational resilience, and compliance processes
  • Develop and maintain policies, procedures, and controls to align with EU regulatory requirements
  • Act as a primary point of contact for EU customers on security matters and manage operations related to EU customer audits, due diligence queries, security questionnaires
  • Collaborate with internal teams to ensure compliance initiatives are seamlessly integrated into business processes
  • Ensure timely identification, assessment, and remediation of risks to maintain continuous alignment with regulatory requirements
  • Stay up to date with the evolving EU regulatory landscape and provide proactive insights to the business
  • Educate and train internal teams on DORA, MiCA and other related regulations and compliance standards
  • Plan an annual work program and budget, including internal and external activities, events, training, development
  • Report to senior and executive management within Fireblocks to ensure alignment with business objectives