EU GRC Expert (Germany) The world of digital assets is accelerating in speed, magnitude, and complexity, opening the door to new ways for leveraging the blockchain. Fireblocks’ platform and network provide the simplest and most secure way for companies to work with digital assets and it trusted by some of the largest financial institutions, banks, globally-recognized brands, and Web3 companies in the world, including BNY Mellon, BNP Paribas, ANZ Bank, Revolut, and thousands more. About the Role: fully remote position across Germany. We are looking for a passionate EU Governance, Risk, and Compliance (GRC) expert to contribute to our company’s efforts in aligning with the Digital Operational Resilience Act (DORA) and Markets in Crypto-Assets Regulation (MiCA) in the European Union. This role is also critical to enhance trust and confidence among our customers and stakeholders and will be part of the GRC team which is amongst others responsible for demonstrating the security controls of services and offerings. This position will be focused on the security assurance function, leading on day-to-day security assurance activities, collaborating with cross-functional teams, evaluating compliance and providing evidence of how they meet our internal security measures, the requirements of EU regulators and our most security conscious customers. This role facilitates our ability to build and maintain assurance through our internal security assurance processes and mechanisms. Ideal candidates will have the ability to learn and comprehend security control implementations and operational effectiveness, Fireblocks services, and IT and auditing processes. They will also be able to evaluate opportunities for improvement, and influence across organizations and teams. Reporting line: EU GRC Manager What you will do Manage policies, procedures, and controls to align with EU regulatory requirements, staying up-to-date with the evolving EU regulations. Conduct gap analyses and risk assessments to identify areas of improvement in security, operational resilience, and compliance processes. Collaborate with internal teams and EU customers to establish EU regulatory required baselines and agree the security requirements and associated security controls. Manage requests for evidence relating to key security controls, by working in collaboration with internal and external stakeholders. Liaise between key stakeholders and Fireblocks technical communities to articulate security control implementation. Dive deep into the Fireblocks control environment to develop domain and technical understanding of our security activities and control implementations to enable these to be articulated to customers and internal/external stakeholders. Work across a wide variety of Fireblocks teams to establish and maintain information security documentation. Act as an internal auditor for Fireblock’s assurance to EU regulation. Support EU customers with security matters including audits, due diligence queries, security questionnaires, etc., Ensure timely identification, assessment, and remediation of risks. Educate and train internal teams on DORA, MiCA and other related regulations and compliance standards to foster a culture of awareness and accountability. Qualifications: 2 years of professional experience in performing technical assessments or audits within a cloud environment, including working knowledge of foundational security principles and industry best practices. Demonstrated experience in security, audits, control/risk assessments Proven analytical and quantitative skills, and an ability to use data and metrics to back up assumptions, develop detailed reporting and drive process improvements. Profound knowledge of EU regulatory frameworks such as DORA, MiCA, GDPR, MaRisk, TIBER-EU etc. Strong understanding of industry best practices, frameworks, standards and certifications such as SOC 2, ISO, NIST, CIS etc. Exceptional communication, collaboration, and interpersonal skills, with the ability to engage both technical and non-technical audiences. Preferred Qualifications: Background in the financial/digital assets sector. Good technological understanding, familiar with product development practices. CISM, CRISC, CISSP or other cyber security management or risk management certifications. Fireblocks' mission is to enable every business to easily and securely access digital assets and cryptocurrencies. In order to do that, we strongly believe our workforce should be as diverse as our clients, and this is why we embrace diversity and inclusion in all its forms.