Head of Information Security & Operational Resilience
CoinJar
At CoinJar, we've made cryptocurrency useful and accessible to clients for over a decade. Established in Australia in 2013, CoinJar has since built a trusted platform where clients benefit from intuitive tools to buy, sell, spend and trade cryptocurrency. CoinJar operates through local subsidiaries in Australia, the United Kingdom, and Ireland (CoinJar Europe Limited). Following our successful MiCAR authorisation, CoinJar is looking to further grow in the region.
About the Role
The CoinJar group takes pride in a track record of operational excellence, enabled by robust technology and security practices. As our Head of Data, Security & Resilience you will play a crucial role in maintaining and enhancing our IT infrastructure, security controls, and operational resilience as we comply with the EU's Digital Operational Resilience Act (DORA).
This position is ideal for a mid-senior security or infrastructure professional who is ready to step into a strategic leadership role within a regulated environment. The role involves building ICT resilience frameworks from the ground up in accordance with DORA requirements. You will design and implement enterprise-grade business continuity and disaster recovery programmes that deliver meaningful business impact. You will also lead key security initiatives in the dynamic crypto-asset industry.
Note: This role requires PCF-49 Central Bank of Ireland approval.
Key Responsibilities
Operational Resilience
- Lead the implementation and maintenance of CoinJar Europe's ICT Risk Management Framework in line with DORA requirements
- Oversee the monitoring and reporting of Key Risk Indicators (KRIs) and ICT risk exposures
- Continuously develop and align ICT governance with DORA standards and Central Bank of Ireland guidance
- As a member of the Risk Management Committee, lead on ICT risk reviews and assessments
- Support vendor due diligence and ongoing monitoring of ICT third-party risks
- Utilise the Vanta platform for continuous control monitoring and evidence collection
Business Continuity & Disaster Recovery (BCP/DR)
- Own the implementation and testing responsibilities for the disaster recovery plans for critical ICT systems
- Coordinate BCP/DR testing exercises and document lessons learned
- Maintain and monitor Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs) for critical functions
- Manage incident response procedures and contribute to post-incident reviews
- Support emergency recovery planning and crisis management protocols
Security & Access Control Management
- Maintain security frameworks covering identity and access management (IAM), network security, and endpoint protection
- Monitor access control policies to ensure they follow least-privilege principles
- Oversee vulnerability management programs and coordinate penetration testing activities
- Manage security monitoring tools (SIEM) and respond to security alerts
- Conduct regular security assessments and drive remediation efforts
- Review and approve changes to critical ICT systems affecting CoinJar Europe
Governance & Reporting
- Prepare regular reports for the Board of Directors and Senior Management on ICT security and resilience
- Support Internal Audit with ICT control validation and audit evidence
- Develop and maintain ICT documentation, policies, and procedures
- Liaise with the Compliance team on regulatory reporting requirements
- Bachelor's degree in computer science, information technology, cybersecurity, or a related field
- 5-8 years of experience in IT security, infrastructure management, or risk management roles
- Hands-on experience designing and testing business continuity/disaster recovery plans
- Practical knowledge of security frameworks (e.g., ISO 27001, NIST) and access control implementation
- Understanding of cloud infrastructure (AWS preferred) and security monitoring tools
- Familiarity with data privacy regulations (GDPR) and security best practices
- Strong problem-solving skills and the ability to work independently
- Excellent communication skills with the ability to explain technical concepts to non-technical stakeholders
- Dynamic work environment within a global platform
- Innovative company looking to grow globally
- Flexible working arrangements