We are looking for our inaugural Security Engineer to establish and lead the security function in both Web2 and Web3 environments. This pivotal role is dedicated to safeguarding our infrastructure, products, and users as our platform grows. You will collaborate closely with engineering, DevOps, and leadership teams to design and implement security best practices throughout the organization.

The Role

You will be responsible for a variety of security tasks, including:

Responsibilities

• Application & Protocol Security: Secure smart contracts, APIs, and user-facing applications.
• Infrastructure Security: Enhance cloud environments (e.g., AWS, GCP), networking, and endpoints.
• Supply Chain Security: Strengthen build and deployment security through CI/CD hardening, implement dependency management, artifact signing, and SBOM practices.
• Monitoring & Detection: Deploy and manage monitoring tools (e.g., SIEM, anomaly detection, alerting) and monitor both infrastructure and on-chain activities.
• Security Operations: Conduct audits, manage access controls, secrets, and incident response.
• Policies & Awareness: Define security policies and best practices, support internal training, and promote a security-first culture.
• Vendor & Risk Management: Evaluate third-party tools, services, and integrations.
• Incident Response: Design and maintain incident response processes and playbooks.

Nice to Have

• Familiarity with compliance frameworks (e.g., SOC 2, ISO 27001, GDPR).
• Knowledge of key and wallet security (HSMs, MPC, custody solutions).
• Experience in red teaming/penetration testing and managing bug bounty programs with external security researchers.

What We’re Looking For

• Proven experience in security engineering across infrastructure, cloud, or product environments.
• Understanding of blockchain/Web3 systems and their associated threat models.
• Capability to work as a hands-on generalist and establish security foundations from scratch.