Manager, Technology Risk

About the Company

Gemini is a global crypto and Web3 platform founded by Cameron and Tyler Winklevoss in 2014, offering a wide range of simple, reliable, and secure crypto products and services to individuals and institutions in over 70 countries. Our mission is to unlock the next era of financial, creative, and personal freedom by providing trusted access to the decentralized future. We envision a world where crypto reshapes the global financial system, internet, and money to create greater choice, independence, and opportunity for all — bridging traditional finance with the emerging cryptoeconomy in a way that is more open, fair, and secure. As a publicly traded company, Gemini is poised to accelerate this vision with greater scale, reach, and impact.

The Department: Risk

At Gemini, our Risk function plays a critical role in proactively identifying, assessing, responding to, and communicating Gemini’s exposure, both internally and externally. Gemini is building a robust second line of defense in a first-of-its kind industry; our goal: safeguard Gemini and our users so that we can continue to empower the individual through crypto.

The Role: Manager, Technology Risk

The Manager of Technology Risk position is predominantly focused on helping the overall risk management group and different areas of technology to come together. This role will be helping establish areas from a risk and control perspective and working as a bridge between IT and security stakeholders, the business and the risk management department.

This role is required to be in person twice a week at either our San Francisco, CA or New York City, NY office.

Responsibilities:

• Risk Assessment & Monitoring
  • Execute the IT Risk Management Framework, including risk identification, analysis, and reporting.
  • Conduct annual IT risk assessments, including RCSAs, targeted risk reviews, and new product/key initiative assessments.
  • Maintain the IT risk register; ensure timely updates and accurate reporting of exposures.
  • Perform post-mortem risk reviews for critical incidents and support operational loss reviews with ORM.
• Governance & Frameworks
  • Assist the Head of IT Risk in maintaining risk policies, standards, and procedures that align with Gemini’s enterprise risk management program and regulatory expectations (NYDFS, DFS, CFTC, DORA EU 2025).
  • Coordinate with Technology and Security teams to ensure policies and controls are properly implemented and followed.
  • Help prepare materials for risk committees, regulators, and senior leadership.
• Controls & Testing
  • Partner with Internal Audit, IT, Security, and BCM to assess design and operating effectiveness of IT and cyber controls.
  • Support control testing for internal/external audits, RCSAs, and regulatory examinations.
  • Track remediation and validate closure of issues using GRC tool(s).
• Collaboration & Stakeholder Management
  • Serve as a liaison between IT Risk and other functional areas, facilitating risk awareness and control adoption.
  • Provide guidance to IT teams on risk and control considerations for new projects, initiatives, and system changes.
  • Contribute to risk awareness training and initiatives across the organization.
• Reporting & Metrics
  • Assist in the development of periodic risk dashboards and key risk indicators (KRIs).
  • Support the Head of IT Risk in communicating IT risk posture to senior leadership.
  • Support development of IT & Security dashboards; ensure metric accuracy and timely updates.

Minimum Qualifications:

• Bachelor's or advanced degree in a relevant field (e.g., Information Security, Risk Management).
• 8+ years of experience in IT internal audit, IT risk management, or related roles in highly regulated industries with strong knowledge of IT risk, cybersecurity, operational risk, and third-party/vendor risk.
• Proven experience in implementing risk management frameworks, control testing, and data governance.
• Familiarity with regulatory requirements (NYDFS, SOC2, PCI DSS, DORA EU).
• Excellent communication and stakeholder engagement skills.

Preferred Qualifications:

• Previous experience working at a digital asset institution.
• At least one relevant industry certification (e.g., CISSP, CISM, CRISC, CISA).
• Experience with GRC tools (e.g., AuditBoard, Archer). 
• Strong executive presence with ability to drive enterprise-wide alignment.

• Competitive starting salary
• A discretionary annual bonus
• Long-term incentive in the form of a new hire equity grant
• Comprehensive health plans
• 401K with company matching
• Paid Parental Leave
• Flexible time off

Salary Range: The base salary range for this role is between $112,000 - $160,000 in the State of New York, the State of California and the State of Washington. This range is not inclusive of our discretionary bonus or equity package. When determining a candidate’s compensation, we consider a number of factors including skillset, experience, job scope, and current market data.

In the United States, we offer a hybrid work approach at our hub offices, balancing the benefits of in-person collaboration with the flexibility of remote work. Expectations may vary by location and role, so candidates are encouraged to connect with their recruiter to learn more about the specific policy for the role. Employees who do not live near one of our hubs are part of our remote workforce.

At Gemini, we strive to build diverse teams that reflect the people we want to empower through our products, and we are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. Equal Opportunity is the Law, and Gemini is proud to be an equal opportunity workplace. If you have a specific need that requires accommodation, please let a member of the People Team know.

#LI-MW1