Currency Exchange International (CXI) is a Money Service Business based in Orlando, Florida.

Currency Exchange International, Corp. is a publicly traded company on the Toronto Stock Exchange (CXI) and OTC (CURN). CXI provides a wide range of foreign exchange services to customers in both the United States and in Canada. CXI’s primary business channels to service customers are through its company-owned branch locations and foreign exchange partnerships with financial institutions and corporations. CXI has been providing global payment solutions for clients that span wide-ranging industries. As one of North America's leading foreign exchange wholesalers, CXI can provide personalized and efficient service, competitive rates, as well as a number of settlement options. Visit our website to learn more about life at CXI: https://www.ceifx.com/about/life-at-cxi

Our Value Statement: We help our clients identify and create foreign exchange solutions, delivering a best practices approach through unparalleled customer service and integrated technology to create significant financial and operational efficiencies.

Our Values:

• Customer First - We earn the right to be our clients’ first choice.
• Integrity - We hold ourselves to the highest standard to build trust.
• Collaborative - We always win as a team.
• Innovative - We find new methods to deliver change and advance technology to the industry.
• Passionate - We are driven to be the best in class.

Currency Exchange International is seeking a driven professional, with strong attention to detail to join their team as a InfoSec GRC Specialist!

Role Purpose: The InfoSec GRC Specialist supports IT and Information Security in governance, risk management, compliance, “GRC,” and security awareness practices.

With the support of the Cyber Security Risk Manager, the IS GRC Specialist will foster strong working relationships with business leaders and drive the development of a security-aware culture throughout the enterprise. The IS GRC Specialist will assist in improving the security posture of the company and audit readiness through evaluating internal and external risk, and assisting in security testing, audits, and security awareness.

The successful candidate has a strong interest in security regulations, thinks strategically, is intellectually curious, and is comfortable working in undefined problem spaces. The IS GRC Specialist is expected to contribute to the innovation of the enterprise information security and GRC programs. As a member of a growing enterprise, the IS GRC Specialist will help shape the risk program and will have the opportunity to operate with empowerment from leadership. The IS GRC Specialist will be cross-trained to support all GRC and security awareness functions.

Essential Functions:

• Evaluate the implementation of security controls and frame security risk in terms of business objectives.
• Maintain an up-to-date common control library.
• Develop and deliver security awareness training.
• Evaluate the security posture of third parties.
• Review and improve security and infosec policies.
• Support evidence collection of various audits and regulatory exams.
• Support the development and maintenance of the IS GRC programs, framework, and methodologies.
• Maintain up-to-date knowledge of security techniques, regulatory landscapes, and best practices.

Other Duties:

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Duties, responsibilities, and activities may change at any time with or without notice.

Required Education and Experience:

• Degree in information security, Information Technology, or similar field.
• 2-5 years’ experience in Information Security or Information Technology.
• Thinks critically and analytically with the ability to express a point of view supported by data (for both technical and non-technical audiences)
• Raises concerns early and facilitates constructive problem-solving at all levels of the enterprise; knows when to escalate.
• Exhibits passion for learning in technology and cybersecurity domains .
• Collaborates effectively with colleagues, stakeholders, and leaders across multiple organizations to get consensus, socialize strategy, and achieve objectives.
• Displays the ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions.
• Manages multiple parallel initiatives.
• Is execution-oriented and self-motivated.

Preferred Qualifications:

• Experience with security frameworks and audits (SOC, ISO, regulatory)
• Experience with information security risk assessments
• Security certification such as Security+, Network+, CySA+, SSCP, CRISC, CGRC, CISA, CCSP, CCSK, AWS Security Specialist
• Familiarity with cloud computing concepts

Competencies:

• Action Oriented
• Functional Skills
• Situational Adaptability
• Effective Communication
• Optimizing Work Processes
• Nimble Learning

• Commuter Reimbursement - CXI will pay the toll, bus or metro cost in and out of work
• Vacation - 2 weeks of paid vacation
• Sick/Personal Days - 1 week of paid sick/personal time off
• Health/Dental/Vision - CXI pays 60% of the Health/Dental/Vision Insurance premiums
• Short and Long-Term Disability - Plan premiums are fully covered by CXI
• 401K Plan - Eligible to enroll in this plan after 1 year of employment, CXI matched up to 5%