Lead, IT Risk

GeminiNew York, NY
$99,400 - $142,000Hybrid

About The Position

Gemini is a global crypto and Web3 platform seeking a Lead of Technology Risk to bridge the gap between IT, security stakeholders, the business, and the risk management department. This role is crucial for establishing risk and control perspectives within the organization. The position requires in-person presence twice a week at the New York City office.

Requirements

  • Bachelor’s or advanced degree in Information Security, Risk Management, or related field.
  • 8+ years of experience in IT internal audit, IT risk management, or related roles in highly regulated industries with strong knowledge of IT risk, cybersecurity, operational risk, and third-party/vendor risk.
  • Proven experience in implementing risk management frameworks, control testing, and data governance.
  • Familiarity with regulatory requirements (NYDFS, SOC2, PCI DSS).
  • Excellent communication and stakeholder engagement skills.

Nice To Haves

  • Previous experience working at a digital asset institution.
  • At least one relevant industry certification (e.g., CISSP, CISM, CRISC, CISA).
  • Experience with GRC tools (e.g., AuditBoard, Archer).
  • Strong executive presence with ability to drive enterprise-wide alignment.

Responsibilities

  • Execute the IT Risk Management Framework, including risk identification, analysis, and reporting.
  • Conduct annual IT risk assessments, including RCSAs, targeted risk reviews, and new product/key initiative assessments.
  • Maintain the IT risk register; ensure timely updates and accurate reporting of exposures.
  • Perform post-mortem risk reviews for critical incidents and support operational loss reviews with ORM.
  • Assist the Head of IT Risk in maintaining risk policies, standards, and procedures that align with Gemini’s enterprise risk management program and regulatory expectations (NYDFS, DFS, OCC, CFTC).
  • Coordinate with Technology and Security teams to ensure policies and controls are properly implemented and followed.
  • Help prepare materials for risk committees, regulators, and senior leadership.
  • Partner with Internal Audit, IT, Security, and BCM to assess design and operating effectiveness of IT and cyber controls.
  • Support control testing for internal/external audits, RCSAs, and regulatory examinations.
  • Track remediation and validate closure of issues using GRC tool(s).
  • Serve as a liaison between IT Risk and other functional areas, facilitating risk awareness and control adoption.
  • Provide guidance to IT teams on risk and control considerations for new projects, initiatives, and system changes.
  • Contribute to risk awareness training and initiatives across the organization.
  • Assist in the development of periodic risk dashboards and key risk indicators (KRIs).
  • Support the Head of IT Risk in communicating IT risk posture to senior leadership.
  • Support development of IT & Security dashboards; ensure metric accuracy and timely updates.
  • Execute and maintain the Business Continuity Management (BCM) program, including governance artifacts, testing, audits, and issue remediation.
  • Assess and manage business continuity risks, including people dependencies, facilities, physical security, and third-party operational resilience.
  • Drive crisis response and regulatory notifications (e.g., NYDFS), including escalation, documentation, and external stakeholder coordination.
  • Validate vendor BCM compliance and define and monitor business impact thresholds (RTOs, RPOs, tolerances), supporting ongoing impact assessments and reporting.

Benefits

  • Competitive starting pay
  • A discretionary annual bonus
  • Long-term incentive in the form of a new hire equity grant
  • Comprehensive health plans
  • 401K with company matching
  • Paid Parental Leave
  • Flexible time off
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service