ERM Director

About the role

Established in 2018, Bybit is one of the world's leading cryptocurrency exchanges and digital financial platforms, serving over 80 million users across more than 200 countries and regions. Powered by world-class technology and a user-first mindset, Bybit delivers a seamless ecosystem across trading, payments, wealth management, custody, institutional services, and Web3 - connecting users to the future of digital finance. Our core values define how we build. We listen, care and improve to create products and experiences that put users first. Backed by a global team of ambitious builders, problem-solvers, and innovators, we foster a high-performance and fast-moving environment where talent is empowered to drive real impact at the global scale. Supported by 24/7 multilingual customer service and a strong commitment to innovation, we are shaping the future of finance through technology, collaboration, and bold execution. Today, Bybit is recognized as one of the most trusted and transparent platforms in the digital asset industry, continuing to expand its global presence while building the infrastructure for the next generation of financial services. We are seeking a highly experienced and capable Enterprise Risk Management (ERM) Lead to establish and lead the second-line enterprise risk function for Bybit. This role is responsible for designing and maintaining the ERM framework, providing independent second-line oversight across financial and non-financial risks, and ensuring alignment with global regulatory expectations applicable to cryptocurrency exchanges. The role will focus on strengthening risk governance, risk appetite articulation, risk identification and monitoring, and regulatory-facing risk capabilities. This position serves as a key interface with regulators and group-level risk teams and plays a critical role in supporting Bybit's sustainable growth and regulatory readiness. This position reports to the Global Head of Internal Audit and Enterprise Risk.

Responsibilities

• ERM Framework & Governance
• Lead the establishment and ongoing enhancement of the group-wide ERM framework, acting as the second-line owner of ERM.
• Design and enhance risk governance structures, policies, and standards in alignment with COSO ERM , ISO 31000 , and relevant regulatory requirements.
• Develop and maintain risk taxonomy, risk classification standards, and risk appetite statements to ensure consistency across regions and business units.
• Enterprise Risk Identification & Monitoring
• Coordinate the identification and assessment of enterprise-wide risks across regions and BUs, covering both financial and non-financial risk domains.
• Work collaboratively with first-line and second-line functions (e.g. Finance, Security, Legal and Compliance, and group-level risk teams) to ensure appropriate and sufficient risk mitigation and monitoring measures are in place.
• Ensure risk identification, assessment, and monitoring approaches are consistent, proportionate, and aligned with Bybit's approved risk appetite, strategic objectives, and regulatory expectations.
• Maintain the enterprise Risk Register , and associated risk and control logs covering all material financial and non-financial risks across the business.
• Risk Advisory, Monitoring & Reporting
• Act as a central risk advisory function on specific risk topics (e.g. third-party and outsourcing risks, liquidity risk, operational and technology risks), working collaboratively with relevant teams to support effective risk mitigation and monitoring.
• Design and coordinate Risk and Control Self-Assessments (RCSAs) to assess the adequacy of key controls and to identify emerging risk trends across the business.
• Develop and maintain Key Risk Indicators (KRIs) to enable ongoing monitoring of material risks and early identification of risk deterioration.
• Maintain enterprise-level risk dashboards, heatmaps, and reporting , providing clear visibility of risk trends, incidents, and control effectiveness to senior management and the board.
• Ensure risk incidents, material risk events, and remediation actions are appropriately captured, analyzed, and reflected in enterprise risk reporting
• Business Continuity Management (BCM)
• Support the development and periodic review of the Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP).
• Participate in business impact analyses and risk scenario planning, and ensure resilience measures are well-documented and effective.
• Group & Regulatory Coordination
• Act as the primary liaison with group-level risk and compliance teams, ensuring local ERM implementation aligns with broader group strategy and expectations.
• Implement group-wide risk policies, standards, and procedures, tailoring them to local regulatory and operational contexts.
• Coordinate and support group risk reporting requirements, contributing to consolidated dashboards, reviews, regulatory engagements, and audits.

Requirements

• Qualifications & Experience
• Bac

Benefits

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Bybit? Share your experience