Overview\nAbout Keyrock: Since our beginnings in 2017, we’ve grown to be a leading change-maker in the digital asset space, renowned for our partnerships and innovation. Today, we rock with over 200 team members around the world. Our diverse team hails from 42 nationalities, with backgrounds ranging from DeFi natives to PhDs. Predominantly remote, we have hubs in London, Brussels, Singapore and Paris, and host regular online and offline hangouts to keep the crew tight. We are trading on more than 80 exchanges, and working with a wide array of asset issuers. As a well-established market maker, our distinctive expertise led us to expand rapidly. Today, our services span market making, options trading, high-frequency trading, OTC, and DeFi trading desks as well as digital asset management. Keyrock is looking to expand and establish itself as a full-service financial institution through both organic innovation and inorganic growth. We’re not just envisioning the future of digital assets—we’re actively building it.\nRole Summary\nAs a Senior Security Program Manager, you will drive execution of Keyrock’s highest-priority security initiatives across a fast-moving, always-on trading environment. You’ll build structure, visibility, and predictable delivery across security programs—partnering with Engineering, Infrastructure/Cloud, Trading/Quant Engineering, IT, Risk/Compliance, and leadership to reduce risk while enabling business velocity. This role is ideal for someone who can translate security strategy into delivery: clear roadmaps, measurable outcomes, and strong cross-functional coordination.\nWhat You’ll Do Program leadership & delivery Own a portfolio of security programs (planning, resourcing, milestones, dependencies, risk/issue management, and outcomes).\nCreate and maintain multi-quarter roadmaps aligned to Keyrock’s business and operating model across venues and services (CEX/DEX and liquidity services).\nEstablish governance and operating cadence: steering meetings, status reporting, program reviews, and executive updates.\nSupport the CISO in delivering firmwide initiatives. Security governance, risk, & control initiatives Partner with Security and Engineering teams to drive key initiatives such as: access governance, secrets management, vulnerability remediation, security logging/monitoring improvements, endpoint/security baseline, and secure SDLC enablement.\nHelp mature control coverage and evidence for internal/external assurance needs (as applicable in a financial-services context).\nPartner with the Director of GRC to support GRC and audit initiatives. Incident readiness & operational resilience Partner with Security Operations to improve incident preparedness through playbooks, tabletop exercises, lessons learned, and operational runbooks—ensuring security response stays effective in a high-availability trading environment. Cross-functional influence Act as the “glue” across technical and business stakeholders—clarifying ownership, unblocking delivery, and keeping programs moving with crisp communication.\nBuild lightweight, scalable processes that improve security consistency without slowing teams. What Success Looks Like (first 6–12 Months) A clearly prioritized security program roadmap with measurable KPIs and predictable execution.\nImproved security readiness for key business areas, aligned with Keyrock’s activities (market making, OTC, options, treasury).\nHigher stakeholder confidence via clear reporting, risk transparency, and consistent program delivery. Minimum Qualifications 7+ years in security program management / technical program management / security operations program delivery.\nDemonstrated experience running cross-functional programs across engineering and operations (scope, schedule, risks, dependencies).\nStrong technical fluency in cloud/infra, identity/access, vulnerability management, security monitoring, and incident processes.\nExcellent written/verbal communication with the ability to translate complex risk into clear priorities. Preferred Qualifications Experience in fintech, trading, payments, or digital assets, especially environments requiring high uptime and rapid execution.\nFamiliarity with security frameworks (NIST CSF, ISO 27001) and audit/assurance concepts.\nExperience supporting security programs that intersect with financial integrity domains (e.g., AML/CFT awareness is a plus given Keyrock’s financial-services context).\nRelevant certifications (e.g., CISM, CISSP, CISA, CRISC, PMP) or equivalent demonstrated expertise.