Lead – Cyber & Technology Risk
Auto ImportShare
<p><span style="font-family: Arial, sans-serif; font-size: 10pt; font-weight: bold">About Us:</span></p> <p><br></p> <p><span style="color: #36383f; font-family: Arial,sans-serif; font-size: 10pt; font-weight: bold; text-decoration: underline">Allocated Bullion Exchange (ABX)</span></p> <p><br></p> <p><span style="color: #36383f; font-family: Arial,sans-serif; font-size: 10pt">Allocated Bullion Exchange (ABX) is the world’s leading electronic institutional exchange for allocated physical precious metals. The ABX brings global trading, price discovery, and clearing facilities into one standardised and secure online trading environment via our groundbreaking exchange trading platform, MetalDesk. </span></p> <p><br></p> <p><span style="color: #36383f; font-family: Arial,sans-serif; font-size: 10pt">The exchange introduces a new, centrally cleared, transparent, and cost-effective allocated exchange system and standard for the industry by offering precious metal market participants an exchange where they are able to trade, deliver, or store physical precious metal in 7 global locations. ABX gives market participants across the world direct access to one integrated and consolidated global wholesale bullion market. We have enhanced market efficiency, introduced inclusiveness and accessibility, and provided relevant real-time price discovery. </span></p> <p><br></p> <p><span style="color: #36383f; font-family: Arial,sans-serif; font-size: 10pt">ABX has Modernised, Globalised & Integrated the precious metal markets by redefining the way physical bullion is traded. We connect all major global liquidity centres and break down the barriers to entry to the global wholesale market for all market participants.</span></p> <p><br><br></p> <p><span style="font-family: Arial, sans-serif; font-size: 10pt; font-weight: bold">About the Role (Job Description):</span></p> <p><br></p> <p><span style="font-family: Arial, sans-serif; font-size: 10pt">We are looking for a Lead, Technology Risk to strengthen technology risk governance, cyber resilience, and operational oversight across our digital asset and payments ecosystem.</span></p> <p><span style="font-family: Arial, sans-serif; font-size: 10pt">This role will work closely with Information Technology, Product, Security, Compliance, and Operations teams to identify, assess, and manage technology-related risks across our platforms, wallet infrastructure, payment systems, and third-party integrations.</span></p> <p><span style="font-family: Arial, sans-serif; font-size: 10pt">The ideal candidate combines strong technology risk and cybersecurity governance experience with a practical understanding of fintech, cloud infrastructure, digital assets, and payment ecosystems.</span></p> <p><br></p> <p><span style="font-family: Arial, sans-serif; font-size: 10pt; font-weight: bold">Key Responsibilities</span></p> <p><br></p> <ul> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Drive and maintain the company’s Technology Risk Management (TRM) framework, policies, and governance standards.</span></li> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Perform technology and cybersecurity risk assessments across infrastructure, cloud environments, wallet systems, applications, APIs, and third-party services.</span></li> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Support audit and regulatory readiness activities, including remediation tracking and control improvement initiatives.</span></li> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Monitor and assess risks relating to digital asset infrastructure, payment systems, custodial and non-custodial environments, and operational resilience.</span></li> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Partner with Information Technology and Security teams to strengthen controls around access management, incident response, change management, monitoring, and vendor oversight.</span></li> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Support incident management activities, including risk assessment, escalation review, remediation tracking, and post-incident analysis.</span></li> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Develop and maintain risk reporting, dashboards, and Key Risk Indicators (KRIs) to support management visibility and decision-making.</span></li> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Promote strong risk awareness and governance practices across business and technology teams.</span></li> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Stay informed on emerging cybersecurity, fintech, and digital asset risks, technologies, and industry developments.</span></li> </ul> <p><br></p> <p><span style="font-family: Arial, sans-serif; font-size: 10pt; font-weight: bold">Requirements:</span></p> <p><br></p> <ul> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">10 years of experience in Technology Risk, Information Security, Cybersecurity Governance, IT Risk, IT Audit, or related fields.</span></li> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Experience within fintech, payments, digital assets, blockchain, or regulated financial services environments is strongly preferred.</span></li> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Strong understanding of technology risk governance, cybersecurity controls, cloud infrastructure, operational resilience, and vendor risk management.</span></li> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Familiarity with digital asset infrastructure, wallet environments, payment/card ecosystems, and blockchain operational risks.</span></li> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Experience supporting audit remediation, regulatory readiness, and control assessments.</span></li> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Good understanding of security and governance frameworks such as ISO 27001, NIST, CIS Controls, PCI-DSS, or similar.</span></li> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Strong stakeholder management and communication skills, with the ability to work effectively across technical and non-technical teams.</span></li> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Professional certifications such as CISSP, CISM, CRISC, CISA, or ISO27001-related certifications are advantageous.</span></li> </ul> <p><br></p> <p><span style="font-family: Arial, sans-serif; font-size: 10pt; font-weight: bold">What We Offer:</span></p> <p><br></p> <ul> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Flexible working arrangements</span></li> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Competitive salary</span></li> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Ongoing professional development</span></li> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Welcoming and supportive culture</span></li> <li><span style="font-family: Arial, sans-serif; font-size: 10pt">Diverse, global team</span></li> </ul>