×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity IT Consultant

Chief Risk Officer and Head of Information Security - Crypto; Luxembourg

Job in 6300, Zug, Kanton Zug, Switzerland
Listing for: FINTECH Recruitment Ltd
Full Time position
Listed on 2026-02-28
Job specializations:
  • IT/Tech
    Cybersecurity, IT Consultant
  • Finance & Banking
Salary/Wage Range or Industry Benchmark: 125000 - 150000 CHF Yearly CHF 125000.00 150000.00 YEAR
Job Description & How to Apply Below
Position: Chief Risk Officer and Head of Information Security - Crypto (Luxembourg based)

Chief Risk Officer and Head of Information Security - Crypto
About Our Client

Our client is a leading, regulated cryptocurrency exchange operating across Asia, Europe and the United States. The firm is licensed in multiple major jurisdictions and is a financial institution authorised by the Luxembourg Ministry of Finance and regulated by the CSSF in Luxembourg.

As a Luxembourg-based entity registered as a Virtual Asset Service Provider (VASP), the company operates at the forefront of digital asset regulation and innovation. The organisation combines strong governance standards with a dynamic, international culture and a deep commitment to blockchain and digital asset technology.

About the Role

Our client is seeking an Authorised Manager primarily responsible for Risk Management, Internal Control and Information Security. The role is based in Luxembourg and forms part of the firm’s senior management.

The Authorised Manager will be accountable for the design, implementation, oversight and effectiveness of the firm’s risk management framework, internal control system and ICT / information security governance, in line with MiCA/MiFID requirements and applicable EU regulations, including DORA.

This is a hands‑on role with no dedicated Risk or Information Security team. In addition to functional responsibilities, the successful candidate will serve as one of the firm’s Authorised Managers, sharing overall managerial responsibility for the entity alongside the other Authorised Manager. The position requires senior management oversight and coordination across all functions, including Risk and Compliance, while fully respecting the functional independence of the Compliance function.

Key Responsibilities Authorised Manager Responsibilities
  • Act as Authorised Manager vis‑à‑vis the CSSF for Risk, Internal Control and Information Security matters
  • Ensure the sound, prudent and compliant operation of the firm in coordination with the other Authorised Manager(s)
  • Contribute to defining the firm’s strategy and development plan
  • Represent the firm in internal and external meetings, including with regulators, auditors and other stakeholders
  • Liaise with regulatory authorities, external auditors, service providers and vendors as required
  • Coordinate with global group functions to ensure alignment and consistency of approach
Functional Oversight
  • Risk Management and Internal Control
  • Compliance
  • IT and Information Security
  • HR and Administration

Ensure these functions operate effectively and in alignment with the firm’s governance framework, strategy and regulatory obligations.

With respect to Compliance, provide senior management oversight and coordination while fully respecting its functional and operational independence, and act as a senior management escalation point for the Head of Compliance.

  • Develop, maintain and enhance the risk management framework, policies and procedures, including:
  • Risk identification and risk universe
  • Risk assessment and monitoring
  • Risk reporting and Key Risk Indicators (KRIs)
  • Cover the full risk universe, including but not limited to:
  • Operational risk
  • ICT and information security risk
  • Credit risk
  • Market and FX risk
  • Liquidity risk
  • Reputational risk
  • Identify, assess and monitor material risks and ensure appropriate mitigating controls are in place
  • Review, document and evaluate the internal control framework, including automated and manual controls
  • Identify gaps or weaknesses in the risk and control framework and ensure remediation aligned with regulatory expectations and industry standards
  • Prepare and present risk and internal control reporting to senior management and the Board
  • Oversee outsourcing and third‑party risk, including methodology and ongoing monitoring
  • Act as senior accountable person for ICT risk management and information security governance
  • Define, maintain and review:
  • Information security policy
  • ICT‑related policies and procedures
  • Incident management and escalation frameworks
  • Ensure compliance with DORA and other applicable ICT / information security regulatory requirements
  • Perform and coordinate ICT and information security risk assessments
  • Oversee ICT controls across the full system lifecycle
  • Monitor security…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search