Position: Authorised Manager - Risk & Information Security Location: Luxembourg

Company Context:

• Regulated cryptocurrency exchange, licensed by the Luxembourg Ministry of Finance and regulated by the CSSF.
• The first Luxembourg-based company to receive Virtual Asset Service Provider (VASP) registration with the CSSF.

Role & Responsibilities:

• Act as the Authorised Manager vis-à-vis the regulator for Risk, Internal Control, and Information Security matters.
• Hold functional oversight of Risk Management and Internal Control, Compliance, IT and Information Security, as well as HR and Administration.
• Develop and maintain the risk management framework covering the full risk universe (Operational, ICT, Credit, Market, Liquidity, and Reputational risks).
• Ensure the framework complies with MiCA, MiFID, and DORA regulations.
• Note: This is a strictly hands-on role with no dedicated Risk or Information Security team to delegate daily operational tasks to.

Mandatory Requirements:

• Strictly required: Proven, concrete experience working within the Crypto / Blockchain / Digital Assets industry.
• Minimum 5 years of experience in a senior Risk, Internal Control, Compliance, or related function within a regulated financial institution.
• Strong experience in risk management within a MiFID-regulated firm.
• Practical knowledge of Information Security, ICT risk, and thec DORA regulatory framework.
• University degree in risk management, finance, accounting, law, IT, or a related field.
• Fluent in English (oral and written).
• Must possess the right to work in Luxembourg.

How to apply: Please DM me directly or send your CV to [email protected]