Job Description

Description
About Hex Trust
Hex Trust is Asia's leading provider of digital asset custody solutions for Banks & Financial Institutions, using leading-edge Blockchain technology. Led by innovators from the financial services industry, Hex Trust has built a proprietary platform that delivers a new way for financial institutions, asset managers, and corporations to safely and efficiently operate in the Blockchain ecosystem. Institutional adoption of digital assets and DeFi requires a fundamental shift in the way banks and financial institutions operate. Hex Trust is the link that connects the traditional financial world to the digital assets ecosystem.
Position Summary
As Hex Trust is growing rapidly and looking to expand its business to multiple jurisdictions, we are looking for professionals in the IT GRC (Governance, Risk and Compliance) space to support our Information Security Team. Your job will be assisting the company in several areas, including IT Regulatory Affairs, Security Certifications, Policy and Process Design, IT Control and Assurance, and Audit Engagement Coordination. You should have a high level understanding of different technology functions, processes and concepts. We expect you to have good communication skills, strong stakeholder management capabilities and ability to deliver with high preciseness.
Responsibilities

• Act as point of contact for IT Regulatory Affairs and Client Due Diligence Questionnaires.
• Review and Revamp existing IT policies to ensure meeting the industry best practices and standards.
• Assist on IT and Security Certification / Compliance Campaigns such as ISO27001, ISO27701, ISAE3402 / SOC2 and CCSS.
• Finetune and enhance the tooling of IT GRC.
• Coordinate audit campaigns or engagements from external auditors.
• Formalize and initiate IT Assurance Framework according to the industry best practices and standards, technologies, relevant regulations and requirements.
• Enhance and automate the existing IT Control Framework, verify the design of IT controls as per the technology stacks and business environment of the company.
• Lead periodic IT control / IT assurance campaigns to ensure the performance of control execution of technology teams and technology-related processes.
• Address dissatisfaction of controls, issue findings and remediation actions to the relevant action owners.
• Perform ad-hoc tasks as requested by the team.

Requirements

• Bachelor Degree in Computer Science, Information Systems, Cyber Security, Business Administration or relevant field.
• Strong communication skills to collaborate with various stakeholders in English.
• 0 to 5 years of work experience at least in one of the areas: IT Audit and Risk Assurance, IT Risk and Control, IT Governance, IT Compliance.
• Experience in at least one of the framework, certification and regulatory requirements is preferred: MAS Technology Risk Management Guideline and Cyber Hygiene Notice, NIST Cybersecurity Framework, ISO 27001 / 27002 / 27701, SOC 2 / AICPA Trust Service Criteria, GDPR, COBIT 5.
• Strong knowledge of Information Systems, IT Operation, ITSM and IT Audit.
• Strong problem solving and project execution skills.
• Brief understanding of technology concepts such as DevOps, DevSecOps, Cloud Computing, Blockchain, Cryptography.
• Great sense of ownership and self-driven mindset.
• Certification holder or exam passer of CISA / ISO27001 Lead Auditor / CCAK / CGEIT / ITIL / CRISC / CISM / CCSK / CISSP is preferred.

Benefits
Make a difference and get yourself noticed in a rapidly growing company, providing multiple opportunities for career and personal development. We are a dynamic, multi-cultural team of smart, motivated people based in offices across Hong Kong, Singapore and Vietnam. We'll give you tough challenges, while offering rewarding results to match, as well as regular team and social events and flexible working arrangements when needed.
Diverse and inclusive team: A diverse and international team who come from over 15 countries with diversity of both thought and background on a mission to disrupt the digital asset industry. We support each other and take pride in our achievements. We attract talent from well known global multinational companies and institutions.
Ownership & learning-curve: Opportunity to make an active contribution to the growth story of one of the leading disruptors in the FinTech industry.
Communication: We treat our staff like owners by being open, transparent, and providing regular communication about our direction and progress. We provide regular insight into decision making, strategy, and corporate-wide objectives and key results progress so that each of our employees is aligned and empowered. And we constantly strive to improve how we can communicate more effectively.
Office: We offer both the flexibility to work remotely or from our modern offices in the central business hubs of Hong Kong, Singapore and Vietnam.
Hex Trust is an equal opportunity employer devoted to diversity and inclusion in the workplace. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status or disability status.