Lead, IT Risk - Gemini

Fully remote

Added
Type
Full-time
Salary
$99k - $142k

About the Company

Gemini is a global crypto and Web3 platform founded by Cameron and Tyler Winklevoss in 2014, offering a wide range of simple, reliable, and secure crypto products and services to individuals and institutions in over 70 countries. Our mission is to unlock the next era of financial, creative, and personal freedom by providing trusted access to the decentralized future. We envision a world where crypto reshapes the global financial system, internet, and money to create greater choice, independence, and opportunity for all — bridging traditional finance with the emerging cryptoeconomy in a way that is more open, fair, and secure. As a publicly traded company, Gemini is poised to accelerate this vision with greater scale, reach, and impact.

The Department: Enterprise Risk

Risk at Gemini is a team dedicated to managing the next generation of financial and non-financial risks in a complex and evolving landscape. We are a diverse group of technology, legal, and operational professionals who develop new approaches to solving classic problems using cutting edge tools and processes in an ever changing industry. We are looking for like-minded individuals who are willing to be bold, visionaries and live the ethos of turning risk into return for our shareholders.

The Role:Lead, IT Risk

The Lead of Technology Risk position is predominantly focused on helping the overall risk management group and different areas of technology to come together. This role will be helping establish areas from a risk and control perspective and working as a bridge between IT and security stakeholders, the business and the risk management department.

This role is required to be in person twice a week at our New York City, NY office.

Responsibilities:

Risk Assessment & Monitoring

  • Execute the IT Risk Management Framework, including risk identification, analysis, and reporting.
  • Conduct annual IT risk assessments, including RCSAs, targeted risk reviews, and new product/key initiative assessments.
  • Maintain the IT risk register; ensure timely updates and accurate reporting of exposures.
  • Perform post-mortem risk reviews for critical incidents and support operational loss reviews with ORM.

Governance & Frameworks

  • Assist the Head of IT Risk in maintaining risk policies, standards, and procedures that align with Gemini’s enterprise risk management program and regulatory expectations (NYDFS, DFS, OCC, CFTC).
  • Coordinate with Technology and Security teams to ensure policies and controls are properly implemented and followed.
  • Help prepare materials for risk committees, regulators, and senior leadership.

Controls & Testing

  • Partner with Internal Audit, IT, Security, and BCM to assess design and operating effectiveness of IT and cyber controls.
  • Support control testing for internal/external audits, RCSAs, and regulatory examinations.
  • Track remediation and validate closure of issues using GRC tool(s).

Collaboration & Stakeholder Management

  • Serve as a liaison between IT Risk and other functional areas, facilitating risk awareness and control adoption.
  • Provide guidance to IT teams on risk and control considerations for new projects, initiatives, and system changes.
  • Contribute to risk awareness training and initiatives across the organization.

Reporting & Metrics

  • Assist in the development of periodic risk dashboards and key risk indicators (KRIs).
  • Support the Head of IT Risk in communicating IT risk posture to senior leadership.
  • Support development of IT & Security dashboards; ensure metric accuracy and timely updates.

Business Continuity & Resilience

  • Execute and maintain the Business Continuity Management (BCM) program, including governance artifacts, testing, audits, and issue remediation.
  • Assess and manage business continuity risks, including people dependencies, facilities, physical security, and third-party operational resilience.
  • Drive crisis response and regulatory notifications (e.g., NYDFS), including escalation, documentation, and external stakeholder coordination.
  • Validate vendor BCM compliance and define and monitor business impact thresholds (RTOs, RPOs, tolerances), supporting ongoing impact assessments and reporting.

Minimum Qualifications:

  • Bachelor’s or advanced degree in Information Security, Risk Management, or related field.
  • 8+ years of experience in IT internal audit, IT risk management, or related roles in highly regulated industries with strong knowledge of IT risk, cybersecurity, operational risk, and third-party/vendor risk.
  • Proven experience in implementing risk management frameworks, control testing, and data governance.
  • Familiarity with regulatory requirements (NYDFS, SOC2, PCI DSS).
  • Excellent communication and stakeholder engagement skills.

Preferred Qualifications:

  • Previous experience working at a digital asset institution.
  • At least one relevant industry certification (e.g., CISSP, CISM, CRISC, CISA).
  • Experience with GRC tools (e.g., AuditBoard, Archer).
  • Strong executive presence with ability to drive enterprise-wide alignment.

It Pays to Work Here

The compensation & benefits package for this role includes:

  • Competitive starting pay
  • A discretionary annual bonus
  • Long-term incentive in the form of a new hire equity grant
  • Comprehensive health plans
  • 401K with company matching
  • Paid Parental Leave
  • Flexible time off

Salary Range:

The base salary range for this role is between $99,400 - $142,000 in the State of New York. This range is not inclusive of our discretionary bonus or equity package. When determining a candidate’s compensation, we consider a number of factors including skillset, experience, job scope, and current market data.

In the United States, we offer a hybrid work approach at our hub offices, balancing the benefits of in-person collaboration with the flexibility of remote work. Expectations may vary by location and role, so candidates are encouraged to connect with their recruiter to learn more about the specific policy for the role. Employees who do not live near one of our hubs are part of our remote workforce.

At Gemini, we strive to build diverse teams that reflect the people we want to empower through our products, and we are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. Equal Opportunity is the Law, and Gemini is proud to be an equal opportunity workplace. If you have a specific need that requires accommodation, please let a member of the People Team know.

#LI-MW1

Go to job page

Apply for this position

Want to apply directly from the platform? Please use the form below.

Apply through SailOnChain

Connect your wallet to unlock the application form, as well as future benefits and rewards.

Checking your session…

Or apply directly on the company's website via the link above.

Share job

Want to learn more about how the process works?

Read the documentation for information on the application process.

View Documentation
Apply at Gemini
Apply Now →