Responsibilities:

📍Support Gemini’s response to Regulators, Auditors, Client inquiries, and Due Diligence Questionnaires. 📍Lead Gemini’s efforts to maintain SOC 2 Type 2, ISO27001, PCI DSS, and other security certifications. 📍Lead Gemini security compliance to NYSDFS Reg. 500, CBI, UK FCA and other regulators. 📍Automate the responses to questions from external parties related to Gemini security governance. 📍Develop tooling to track the organization’s cybersecurity risk and compliance status. 📍Lead Gemini’s compliance automation efforts focused on maintaining and validating controls and associated evidence. 📍Research, implementation, and maintenance of compliance related tools: evidence collection automation and control monitoring 📍Collaborate with multiple stakeholders including HR, Legal, Operations, Engineering for maintaining GRC programs. 📍Translate the regulatory requirements into implementable and software driven controls. 📍Orchestrate the enterprise wide business continuity planning and testing with technology teams. 📍Develop and implement strategies to audit internal security/cybersecurity controls. 📍Advise Gemini’s security team and leadership on additional security governance measures. 📍Understand, automate, and regulate internal identity, access, permissions, and entitlements, as it relates to full-time employees as well as contingent workers / contractors / consultants. 📍Serve as a primary point of contact for security issues that require prompt remediation.

Minimum Qualifications:

📍BA/BS degree or equivalent practical experience. 5 years of experience in the cyber security field developing and/or updating cyber security related documentation, policies, procedures and standards. 📍Strong analytical and creative problem solving skills. 📍Strong interpersonal skills to interact with customers, senior level personnel, auditors, and team members. 📍Strong organization skills to prioritize work and balance complex projects. 📍Ability to work independently and as part of a broader team.