Staff Security Engineer

Summary

Join Nansen as a Staff Security Engineer and ensure the secure operation of our user-facing application and cloud infrastructure, initially focusing on our staking offering's security. You will be responsible for key management, infrastructure hardening, and compliance readiness. Your responsibilities will expand to cover the full application and data analytics platform. You will play a key role in shaping the organization's long-term security vision, focusing on defensive security and collaborating with various engineering teams. The position is full-time and remote, based in Europe or Asia. You will be involved in hands-on implementation and improving our security posture.

Requirements

• Deep familiarity with key management best practices and encryption fundamentals
• Strong understanding of defensive security tools and methodologies, including their practical application in dynamic environments
• Proven experience implementing and maintaining security systems, such as SIEM, endpoint protection, network detection, vulnerability scanning, and cloud security tooling
• Understanding of blockchain security, including securing blockchain systems, assessing smart contracts, and implementing robust key management processes
• Familiarity with vulnerability scanning tools, penetration testing and code audit processes
• Excellent communication and technical documentation skills

Responsibilities

• Infrastructure and network security Take ownership of and actively implement baseline cloud, container, and application security standards, ensuring they are integrated into our stack, including regular use of vulnerability scanning tools
• Harden bare-metal servers and deploy security tooling (e.g., AV/EDR, IDS/IPS, DLP, Logging & Monitoring), taking a hands-on role in the setup and maintenance
• Collaborate with external providers to plan and oversee penetration tests, ensuring identified vulnerabilities are prioritized and addressed
• Blockchain security Actively improve key management processes, focusing on protecting high-risk blockchain keys with Hardware Security Modules (HSMs) or equivalent solutions
• Proactively monitor and assess blockchain-exposed surfaces, personally reviewing internal and external endpoints for exploitable vulnerabilities
• Collaborate with external providers to plan and oversee security audits and reviews of smart contracts and blockchain components, ensuring actionable improvements are identified and addressed
• Compliance Collaborate with teams to maintain clear, up-to-date security documentation, including reference architectures and operational procedures
• Personally implement security architecture, methods, and controls required to meet compliance and audit requirements, ensuring execution is prioritized
• Incident response Lead the investigation, containment, and resolution of security incidents, taking a proactive, hands-on approach
• Conduct detailed postmortems to identify root causes and establish preventive measures

Preferred Qualifications

• Familiarity with compliance frameworks and certification processes is a plus
• Have an AI-first mindset.  At Nansen, AI is not just a tool - it's a mindset. Ideal candidates are those who enthusiastically embrace AI tools and techniques to streamline processes and elevate outcomes

Benefits

• Competitive salary and generous equity
• Remote work environment with a flexible schedule
• A team that values learning and is willing to test and adopt innovative solutions (including AI)
• A company culture that values speed, ownership, curiosity, simplicity, transparency and courage
• Opportunities for personal and professional growth as the company scales
• Exposure to a global network of industry experts, partners and influencers