Focused on developing products and services for the digital assets sector, Bullish has rewired the traditional exchange to benefit asset holders, enable traders and increase market integrity. Supported by the group’s treasury, Bullish’s new breed of exchange combines deep liquidity, automated market making and industry-leading security and compliance to increase the accessibility of digital assets for investors. Bullish exchange is operated by Bullish (GI) Limited and is regulated in Gibraltar.

Bullish through its German subsidiaries (Bullish DE) have applied for a crypto custody and principal brokerage/proprietary trading licenses. In line with these commitments we are expanding into Germany.

Mission: To build technology and tools that make earning, investing and transacting more rewarding.

Vision: A world where everyone is empowered to create a better financial future.

Reports to:

Chief Information Security Officer

The role
This role is principally responsible for the information security strategy and programme of the financial institution, including but not limited to information security policies and procedures to safeguard information assets, information security controls, and the management of information security.
 

Key responsibilities 

• Supporting the management board when defining and changing the information security policy and advising on all issues of information security; this includes helping to resolve conflicting goals (e.g. economic aspects versus information security);

• Implementing and monitoring group level security policies and controls and, where necessary, adapting to local regulatory requirements;

• Managing and coordinating the institution’s information security process as well as monitoring the involvement of IT service providers and assisting in any related tasks;

• Supporting the preparation and updating of technology contingency plans;

• Acting as a contact for any questions relating to technology or information security coming from within the institution or from third parties;

• Examining information security incidents and reporting these to the management board;

• Providing group level “follow the sun” security and IT support within the CET timezone.

Experience & Qualifications 

• Excellent interpersonal and strong verbal and written English communication as well as German conversational skills

• Experience in security operations, including security monitoring and threat management.

• Hands On experience with MacOS and Google Workspace.

• A broad and deep understanding of cyber-security threats, vulnerabilities, controls and remediation strategies

• Strong technical knowledge in information technology, to include hardware,

• networking, architecture, protocols, files systems and operating systems.

• An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner

• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and the associated impact on the organization

• Although CISSP or CISA certifications are not necessary for this role, a level of security understanding at that level is an absolute minimum

• A good understanding of ITIL and basic understanding of COBIT.

• Ability to work flexible hours in order to communicate periodically with APAC and US counterparts.

• The successful applicant must be eligible to work in the member states of the EU.

Bullish is proud to be an equal opportunity employer. We are fast evolving and striving towards being a globally-diverse community. With integrity at our core, our success is driven by a talented team of individuals and the different perspectives they are encouraged to bring to work every day.