Security Assurance Specialist

About Chainlink Chainlink is the industry-standard oracle platform bringing the capital markets onchain and powering the majority of decentralized finance (DeFi). The Chainlink stack provides the essential data, interoperability, compliance, and privacy standards needed to power advanced blockchain use cases for institutional tokenized assets, lending, payments, stablecoins, and more. Since inventing decentralized oracle networks, Chainlink has enabled tens of trillions in transaction value and now secures the vast majority of DeFi. Many of the world’s largest financial services institutions have also adopted Chainlink’s standards and infrastructure, including Swift, Euroclear, Mastercard, Fidelity International, UBS, S&P Dow Jones Indices, FTSE Russell, WisdomTree, ANZ, and top protocols such as Aave, Lido, GMX and many others. Chainlink leverages a novel fee model where offchain and onchain revenue from enterprise adoption is converted to LINK tokens and stored in a strategic Chainlink Reserve. Learn more at chain.link. The Security Team The security department is the guardian of Chainlink Labs’ people and infrastructure. Its principal objective is to safeguard Chainlink Labs and its assets against potential threats from any external or internal source. This mission is accomplished through a combination of specialized security engineering, the deployment of cutting-edge technologies, forward-thinking policy development, and the training of highly skilled, security-aware personnel throughout the entire organization. As an indispensable component of the larger organization, the team seeks to promote a widely understood culture of security, safeguarding our most valuable assets while remaining agile and accessible to all employees and the community. As a Security Assurance Specialist, you will be responsible for assisting in the implementation of key security requirements across the business. You will build and maintain Security Control Frameworks and conduct periodic testing of security controls. You will conduct third-party risk reviews in collaboration with the procurement, legal, and finance teams. You will also assist in identifying, documenting, and managing remediation of risks identified to the business. This role is also a career-defining opportunity, as you will be a part of a fast-growing tech company that is successfully implementing a key piece of the world’s blockchain infrastructure designed to power the digital agreements of the future. As a Security Assurance Specialist, you will be responsible for strengthening the company’s compliance posture, ensuring audit readiness, and driving automation across all security controls. You will play a key role in bridging compliance requirements with scalable technical solutions while enabling teams across the business.

Key Responsibilities

• Lead Compliance Programs & Audits
• Manage end-to-end compliance initiatives (e.g., SOC 2, ISO 27001)
• Serve as the primary liaison with external auditors, internal auditors, and internal stakeholders to ensure successful audit outcomes.
• Drive timely collection, validation, and submission of audit evidence.
• Design & Automate Controls
• Assess current manual controls and partner with Engineering and Security teams to implement automated, technology-driven compliance controls.
• Build and maintain continuous monitoring dashboards to provide real-time visibility into compliance posture.
• Collaborate with tooling teams to integrate compliance checks into internal systems.
• Enablement & Cross-Functional Partnership
• Build strong relationships with Engineering, Security, Legal, People, Finance and Product teams with the goal of embedding compliance into daily workflows.
• Provide guidance to control owners and business units to ensure ownership, accountability, and audit readiness.
• Continuous Improvement
• Benchmark and improve the company’s compliance program against industry best practices (NIST, CIS, CSA, ISO, DORA etc.).
• Identify opportunities to reduce manual effort and increase the scalability of compliance activities.
• Stay current with regulatory changes, industry trends, and emerging compliance automation solutions.

Requirements

• Minimum 5+ years of experience in Security Assurance, Security GRC, or a related compliance/security function.
• Proven expertise in security risk assessments, security controls testing and automation.
• Strong knowledge of industry standards and regulatory frameworks (ISO 27001, SOC 2, NIST).
• Experience in implementing, monitoring, and automating security controls aligned with recognized frameworks.
• Skilled in assessing, tracking, and reporting on control deficiencies, and driving timely remediation.
• Solid understanding of technology environments including applications, infrastructure and SaaS
• Ability to translate compliance requirements into technical control implementations and automated processes.
• Proficiency in documenting processes, procedures, and system re

Apply tot his job Apply To this Job