Get to know us
BANXA is a hyper-growth global Payment Services Provider that enables the purchase of digital assets and currencies such as Bitcoin or USDT using traditional currencies, such as Australian Dollars, Euros and Pounds (just to name a few)! Every 30 seconds someone purchases cryptocurrency with us!
Our on- and off-ramp product manages the entire value chain to provide a seamless, secure experience whilst being internationally compliant. Our mission is to connect the 'old world' to the 'new world', by onboarding the masses to digital currency!
We're a global team spanning across 10 countries, with 4 offices, in Australia, USA, UK, Lithuania & Philippines. The majority of the team sits in Melbourne at our headquarters in Cremorne however our connected and collaborative culture empowers our people to excel. As an up and coming tech-unicorn in our space, we are early adopters, progressive in our approach and adaptable to the ever changing landscape.
Your New Gig
BANXA is held to a number of regulatory standards, and we're looking for an ICT Risk Analyst with familiarity in regulatory compliance to join our Melbourne-based Tech team, remote from Amsterdam, with the potential to move to hybrid in the next 6-12 months.
Reporting to the Head of Technology, this role will be crucial in ensuring Banxa's adherence to the Digital Operational Resilience Act (DORA) and other relevant ICT-related regulations.
This position will be central to the implementation, monitoring, and continuous improvement of Banxa's ICT Risk Management Framework, guaranteeing the digital operational resilience of our systems and services.
What You'll Do
DORA Compliance & Framework Management:
- Support the development, implementation, and continuous improvement of Banxa's ICT Risk Management Framework, aligning with DORA's five pillars.
- Translate DORA regulatory requirements, including Regulatory Technical Standards (RTS) and Implementing Technical Standards (ITS), into actionable policies, procedures, and controls
- Maintain and update the inventory of all ICT assets, critical functions, and their interdependencies, ensuring accurate risk classifications
Risk Assessment & Analysis:
- Conduct regular and ad-hoc ICT risk assessments across all layers of the ICT infrastructure (hardware, software, data, networks, cloud services, etc.), identifying potential vulnerabilities, threats, and their impact on critical and important functions.
- Utilize and enhance the risk assessment matrix to evaluate inherent and current risk scores for third-party providers and internal ICT systems.
- Propose and track effective mitigation strategies and controls to reduce identified ICT risks within the defined risk appetite.
Incident Management Support:
- Collaborate with the various ICT teams to ensure timely detection, accurate classification, effective response, and comprehensive recovery from ICT-related incidents, in accordance with Banxa's five-stage incident management process and DORA requirements.
- Assist in the post-incident review process, deriving lessons learned and incorporating them into the ICT Risk Management Framework.
Third-Party Risk Management:
- Support the rigorous due diligence process for new and existing ICT third-party providers, with a particular focus on security and operational resilience.
- Ensure contractual agreements with third-party providers include all mandatory DORA-compliant safeguards (e.g., security standards, audit rights, incident notification requirements, exit strategies).
- Contribute to the continuous monitoring of third-party performance and compliance against SLAs and regulatory requirements.
Monitoring, Reporting & Documentation:
- Contribute to the KRI dashboard for real-time visibility into ICT risks and ensure timely internal and external reporting to the CRO, ERC, Board, and relevant competent authorities (e.g., AFM).
- Maintain comprehensive documentation and record-keeping for all ICT risk management activities, assessments, incidents, and remediation efforts, adhering to required retention periods.
You should apply if you have:
- 3 years + experience within Information Security, ICT Risk management or other related Compliance role
- Demonstrable understanding and practical experience with DORA compliance requirements
- Strong knowledge of ICT risk management frameworks (e.g., NIST, ISO 27001, COBIT).
- Experience with risk assessment methodologies and tools and a sound understanding of incident response lifecycles and vulnerability management
- Excellent analytical, problem-solving, and communication skills (written and verbal).
- Ability to work independently and collaboratively within a fast-paced, evolving environment.
What will put you on top of our shortlist
- Familiarity with regulatory compliance in the financial sector (e.g., MiCA, GDPR) is a plus.
- Experience managing security risks in AWS, Azure or Google Cloud.
- Exceptionally curious and enquiring mindset with an ability to be fast paced and agile in meeting business needs.
Logistics
To be eligible for this role you must hold full working rights in the Netherlands. Unfortunately, we are unable to offer visas of any kind at this time!
We promote a diverse and inclusive culture at BANXA. Fun fact: we currently have over 20 different nationalities in the team, which makes for great potluck lunch days!
Benefits
- Expand your knowledge on Crypto
- Working in a disruptive and hyper growth organisation & industry where the possibilities are endless
- Flexible working, location & hours!
- Autonomy, ability to make a change & progress your career
Recruiters, we appreciate you want to try and help us fill this role but we got this one for now. However if anything changes we will be sure to reach out.