Operational Information Security Officer

Aztec
Summary
Join Aztec as an Operational ISO and define, execute a comprehensive operational security strategy, working closely with engineering and operations teams. Develop and implement a robust cybersecurity strategy, define security policies, and advise executive leadership on security risks. Lead incident response planning and develop security monitoring systems. Ensure cloud infrastructure and DevSecOps pipeline security, assist with secure SDLC practices, conduct threat modeling, and manage security awareness training. This London-based role requires 7+ years of cybersecurity experience, cloud infrastructure security experience (AWS, GCP, or Azure), and proven ability to design and implement security frameworks. Excellent communication and collaboration skills are essential. The ideal candidate will have experience in a distributed environment, ideally in blockchain security.
Requirements
- 7+ years of experience in cybersecurity
- Experience securing cloud-based infrastructure (AWS, GCP, or Azure) and DevSecOps environments
- Proven ability to design and implement security frameworks in fast-paced, high-growth organizations
- Excellent communication, and cross-functional collaboration skills
Responsibilities
- Develop and implement a robust cybersecurity strategy tailored to Aztecβs processes
- Define security policies, standards, and best practices within the organization
- Advise executive leadership and engineering teams on security risks and industry best practices
- Lead incident response planning , ensuring rapid detection, containment, and remediation of security threats
- Develop security monitoring, logging, and detection systems to prevent unauthorized access
- Ensure the security of cloud-based infrastructure, DevSecOps pipelines, and decentralized nodes
- Assist engineering teams to implement secure software development life cycle (SDLC) practices
- Conduct threat modeling exercises to identify vulnerabilities
- Manage security awareness training for employees, ensuring a culture of security-first thinking
Preferred Qualifications
- Familiarity with DeFi protocols, MEV security, and decentralized governance models
- Track record of leading bug bounty programs and engaging with security researchers
- Relevant certifications: CISSP, CISM, Offensive Security certifications