Security Management Lead

Security Management Lead

ABFinance is a US-based firm building digital finance for the future. Our vision is to create a full financial ecosystem where digital assets, traditional finance, and everyday money management live in one seamless experience that is made available to everyone. Founded by a team of innovators, traders, and compliance professionals, our mission is to bring digital assets to the mainstream through secure, regulated products. Our flagship ecosystem combines a compliant, security-first crypto exchange serving both retail and institutional clients, alongside a Debit Card that enables everyday spending and smooth bridging between fiat and digital assets, supported by core capabilities such as spot trading and yield generation products. Job Responsibility Develop and continuously optimize the company’s security-related management processes, security policies, and systems to enhance the efficiency and security of security management. Regularly review system permissions and access controls to ensure authorization is granted only to appropriate personnel and roles; collaborate with various departments to conduct system permission requirement analysis, provide permission configuration solutions, and implement them. Support information security audits to ensure system permissions and security policies comply with the company’s internal regulations and local legal compliance requirements. Conduct regular company-wide security training to ensure employees have sufficient security awareness to prevent hacker attacks. Perform security reviews and risk assessments on the company’s data. Requirements: Bachelor’s degree or above; majors in Computer Science, Information Security, Network Engineering, or related fields are preferred. 5 years of experience in system permission management, security management, or information security work in large enterprises or groups. Familiar with common system permission management tools (e.g., LDAP, Okta) and access control strategies. Familiar with information security standards, regulations, and compliance requirements (e.g., ISO 27001, GDPR). Fluent in English, with the ability to read and write English technical documents and conduct basic English communication. Strong analytical skills, problem-solving abilities, and teamwork spirit. Preferred Qualifications: Possession of information security-related certifications (e.g., CISSP, CISM, CISA). Prior experience in permission management for cloud platforms (e.g., AWS, Azure, GCP) is preferred.