Responsibilities
Strategic Leadership
1. Define a multi-year security engineering strategy aligned with business risk appetite and regulatory requirements.
2. Drive high-impact initiatives including infrastructure hardening, application security, threat detection and response, and digital asset protection.
Team Development & Mentorship
3. Build, lead, and nurture a high-performing security engineering team.
4. Set clear objectives, performance metrics, and career development plans.
Architecture & Engineering Oversight
5. Design secure-by-default patterns for AWS, Kubernetes, CI/CD pipelines, and digital asset custody.
6. Conduct threat modeling for distributed systems and approve mitigation strategies.
Automation & Scalability
7. Lead efforts to automate vulnerability discovery, measurement, and contextualization.
8. Minimize manual processes using Python tooling and Infrastructure-as-Code (IaC) scanning.
Cross-Functional Collaboration
9. Act as the primary bridge between Security, Engineering, Operations, and IT.
10. Embed security requirements early in product development and support teams throughout delivery.
Research & Threat Intelligence
11. Stay ahead of emerging threats such as DeFi exploits and cloud privilege escalation.
12. Translate research into actionable controls and incident response playbooks.
13. Develop and test incident response procedures; ensure 24/7 detection coverage.
14. Present security posture, metrics, and strategic plans to executive leadership.
Required Qualifications
15. 10+ years in security engineering, including 3+ years leading high-performing teams in fintech, exchanges, or large-scale web environments.
16. Deep expertise in one or more domains: cloud/infrastructure hardening, application security, detection engineering, or crypto security.
17. Proven experience deploying automated security pipelines (, IaC scanning, secret detection, exploit simulation).
18. Proficiency in modern programming languages (Python, Go, Rust) and familiarity with microservices and distributed systems.
19. Experience conducting threat modeling for high-value, low-latency trading or custody platforms.
20. Strongmunication skills with the ability to translate technical risks into business impact.
Preferred Qualifications
21. Leadership experience in financial institutions, broker-dealers, or regulated digital asset platforms.
22. Knowledge of custody models, MPC wallets, or DeFi smart contract risks.
23. Advanced degree inputer Science, Information Security, or a related field.
Job ID PR/550132