Senior Security Engineer-GRC (Governance, Risk, Compliance)
Description For Senior Security Engineer-GRC (Governance, Risk, Compliance)
Liminal is seeking a Senior Security Engineer-GRC to join their team. The role involves acting as a key member responsible for security design, drafting, coordination, and life cycle management of policy governance and exception activities. The candidate will design and implement broad governance and risk management frameworks, develop third-party risk assessments, and support the 3rd party risk management lifecycle. They will handle security questionnaires, vendor risk management, and custom audits. The ideal candidate should have problem-solving skills, the ability to make impactful decisions, and provide mentoring to peers. They will also identify opportunities for security and business process improvements.
Liminal's mission is to simplify self custody of digital assets, making them safer, efficient, and rewarding without giving up control and ownership. The company offers an enterprise-grade platform for managing digital assets, catering to exchanges, custodians, banks, trading desks, and hedge funds. Liminal's approach focuses on eliminating risks associated with digital asset transfers and provides an operations excellence framework for efficient wallet operations.
Founded by Mahin Gupta, who previously co-founded ZebPay, Liminal is incorporated in Singapore with global operations. The company has processed transactions over $6 billion and has ~$600 million worth of Assets Under Protection.
Required Qualifications:
- 6 to 7 years of experience in Information Security Governance, Risk, and Compliance, preferably in a cloud-focused fintech organization
- Experience with information security frameworks such as SOC 2, ISO 27001, ISO 27701, CERT-In, DPDPA India
- Experience with Risk Management Tools or Automation of Third-Party Risk Management process
- Senior level written and verbal communication skills
- Ability to work well, collaborate, and lead within a team environment
Preferred Qualifications:
- Security certifications such as CISSP, CISM, SANS GIAC, ISO 27001 Lead Auditor
- Entrepreneurial spirit with the ability to drive innovation independently
- Strong customer focus and ownership
- Familiarity with web services, multi-tiered systems, complex architectures, workflow and enterprise application integration
- Understanding of core information security principles and associated risk management principles
- Experience with process improvement, building, and strategic development
Liminal offers a challenging role in a growing company focused on digital asset security and management. The position provides an opportunity to work with cutting-edge technology and contribute to the development of secure and efficient digital asset management solutions.
Responsibilities For Senior Security Engineer-GRC (Governance, Risk, Compliance)
- Act as a key member responsible for security design, drafting, coordination, and life cycle management of policy governance and exception activities
- Design and implement broad governance and risk management frameworks/processes
- Develop third-party risk and control assessments
- Support the 3rd party risk management lifecycle
- Handle Security Questionnaires, Vendor Risk Management questionnaires, Supplier Risk Management, Custom Audits
- Provide subject matter mentoring and training to peers and other colleagues
- Identify opportunities for security and business processes improvements
Requirements For Senior Security Engineer-GRC (Governance, Risk, Compliance)
- 6 to 7 years of experience in Information Security Governance, Risk, and Compliance
- Experience with information security frameworks (SOC 2, ISO 27001, ISO 27701, CERT-In, DPDPA India)
- Experience with Risk Management Tools or Automation of Third-Party Risk Management process
- Senior level written and verbal communication skills
- Ability to work well, collaborate, and lead within a team environment
