Head of Security

Summary

Join our pioneering Web3 venture studio as Head of Security and play a critical role in upholding the security of all our products, from design to completion. You will oversee the security of our blockchain network, ensuring the protection of individual applications and the entire network. This involves integrating security practices into the DevOps pipeline, conducting security risk assessments, and developing mitigation strategies. You will also be responsible for cryptographic key management, smart contract audits, and fostering a positive security culture. We offer flexible hours, a remote budget, 28 vacation days, and a supportive international team.

Requirements

• 4+ years proven experience as a security lead
• In-depth knowledge of consensus algorithms, cryptographic security mechanisms, and smart contract security, with a focus on those used in Polkadot, Ethereum, Solana, Cosmos, and Binance ecosystems
• Experience in Security Architecture, specially with respect to the applications building on top of blockchain networks
• Experience in blockchain-specific incident response and threat intelligence, including real-time monitoring of network activities, anomaly detection, and quick response to security breaches
• Proficiency in using blockchain analytics tools for security monitoring and forensics
• Proven experience in conducting smart contract audits or pallets, with a focus on identifying and mitigating vulnerabilities in smart contracts across various blockchain platforms
• Prior work experience in blockchain/cryptocurrency fields
• Understanding of network security (incl. Network and Host IDS/IPS, WAF, SIEM, Antimalware, DLP, URL filtering, other)
• Secure coding and Security Testing knowledge (SAST and DAST), Vulnerability management
• Understanding of OWASP top ten web application security risks
• Understanding of the Polkadot ecosystem
• Hands-on experience implementing security protocols for both pallets and smart contracts

Responsibilities

• Be the owner of security of new and existing products through pentesting and threat modeling, and contribute towards internal tooling and integration to ensure that security is baked into the software development lifecycle
• Oversee cryptographic key management and encryption strategies to safeguard data integrity
• Integrate security practices seamlessly into the DevOps pipeline, ensuring that security is not a hindrance but an integral part of the development lifecycle
• Build a comprehensive, prioritized assessment of the security risks that our on/off chain products face and a roadmap for mitigating those risks
• Develop on/off chain security strategies and provide security guidance for new on/off chain products and technologies
• Support teams in reviewing, auditing, and securing novel smart contracts and pallets
• Review systems to secure digital assets (e.g. cryptocurrency) from attackers
• Oversee the cryptographic security measures implemented in our decentralized systems
• Conduct security risk assessments, audits, and vulnerability studies to identify vulnerabilities and risks, and develop action plans to mitigate them
• Develop and implement cohesive policies, procedures, and training programs
• Promote positive security culture, risk management, and security awareness

Benefits

• Flexible hours and a dedicated remote budget
• 28 vacation days
• A Macbook, and other tech to help you to do your job
• The opportunity to build and contribute to high-impact projects in a new industry that will positively shape the lives of hundreds of millions of people
• High growth potential. Room to grow professionally, while learning new skills and working at the cutting edge of the decentralized Machine Economy
• A warm and open culture at an international organization with team members from all four corners of the globe