Senior Security Engineer-GRC (Governance, Risk, Compliance)

About Liminal:

At Liminal our mission is to simplify self custody. We make digital assets safer, efficient and rewarding for individuals and businesses without giving up control and ownership.Liminal is an enterprise-grade platform that offers a robust infrastructure for managing digital assets.Liminal enables exchanges, custodians, banks, trading desks, and hedge funds to securely scale their digital asset operations through HSM backed plug and play wallet architecture. Our zero key leakage tolerance approach helps institutions in eliminating the risks associated with digital asset transfers, such as, cyber attacks, internal collusion, and human error. Liminal's operations excellence framework provides efficient fees management, transaction confirmation guarantees, auto-refilling, sweeping, batching and other wallet operations. Our proprietary regulatory readiness program, which includes AML checks,quarantine wallets, key residency, travel rule and CCSS-compliant platforms, helps businesses fast-track their compliance journey.

Liminal is founded by Mahin Gupta (https://www.linkedin.com/in/mahingupta/), who previously co-founded ZebPay - one of India's largest crypto exchanges. The entire founding team at Liminal has extensive experience in designing and developing secure wallet architectures with operational efficiencies. Liminal is incorporated in Singapore and has operations across the globe. Liminal has processed transactions over $6 billion and has ~$600 million worth of Assets Under Protection.

Our website - https://www.liminalcustody.com/
Our Blogs - https://blog.lmnl.app/


Description 

● This individual will act as a key member of the team responsible for security design, drafting, coordination, and life cycle management of policy governance and exception activities for the organization. 

● Designing and implementing broad governance and risk management frameworks/processes, developing third-party risk and control assessments, and implementing managed services to improve/enhance an organization’s Risk Management program. 

● Support the 3rd party risk management lifecycle by managing the documentation and distribution of responses to stakeholders through internal and external engagements. 

● Security Questionnaires, Vendor Risk Management questionnaires, Supplier Risk Management, Custom Audits, and other applicable documentation. 

● Demonstrated problem-solving capacity and the ability to make decisions that impact the organization’s service levels with a sense of urgency. 

● Provide subject matter mentoring and training to peers and other colleagues in the organization. 

● Identify opportunities for security and business processes improvements, and partner with the internal stakeholders to implement enhancements to the Issues & Exceptions Management processes. 

Requirements

Required Qualifications 

● 6 to 7 years of experience in Information Security Governance, Risk, and Compliance, preferably in a cloud-focused fintech organization. 

● Experience with information security frameworks such as SOC 2, ISO 27001, ISO 27701, CERT-In, DPDPA India etc.

● Experience with Risk Management Tools or Automation of Third-Party Risk Management process. 

● Senior level written and verbal communication skills

● Ability to work well, collaborate, and lead within a team environment Preferred Qualifications 

● Holding security certifications such as CISSP, CISM, SANS GIAC, ISO 27001 Lead Auditor is a plus 

● Meets/exceeds Liminal’s functional/technical depth and complexity for this role 

● An entrepreneurial spirit with the ability to drive innovation independently 

● Maturity, judgment, negotiation/influence skills, analytical skills 

● Strong customer focus, ownership 

● Familiarity with web services, multi-tiered systems, complex architectures, workflow and enterprise application integration 

● Passion for making things better and resourceful, solutions-based approach to partnership 

● Possess an understanding of core information security principles and associated risk management principles 

● Have extensive experience with process improvement, building, and strategic development 

● Experience with products and services 

● Experience with cross-organizational collaboration and negotiation Key