Head of Security Engineering (AWS/KMS)

TL;DR

Head of Security Engineering (AWS/KMS): Setting technical direction and execution for hirify.global's security engineering program, focusing on secure-by-design cloud foundations, developer paved roads, and cryptographic/key-management controls appropriate for a high-availability trading environment. Focus on building preventative controls using infrastructure-as-code and policy-as-code, owning enterprise encryption with deep AWS KMS expertise, and embedding security into the SDLC.

Location: Predominantly remote, with hubs in London, Brussels, Singapore, and Paris. Team members are located around the world.

Company

hirify.global is a leading change-maker in the digital asset space, providing market making, options trading, high-frequency trading, OTC, and DeFi trading desks, while also pioneering Rust development for algorithmic trading and supporting Web3 startups.

What you will do

• Lead and grow a high-performing security engineering team, setting roadmap and standards.
• Own cloud security architecture for AWS, including landing zone patterns and multi-account strategy.
• Build preventative controls using infrastructure-as-code and policy-as-code.
• Own the enterprise encryption program in AWS, including KMS key policy design and governance.
• Embed security into the SDLC through threat modeling, secure coding guidance, and code scanning.
• Partner with Security Operations for high-signal detections and incident response tooling readiness.

Requirements

• 8+ years in security engineering (cloud, platform, and/or product security), with 3+ years leading teams or technical programs.
• Expert AWS security experience in production environments (multi-account, high availability).
• Deep AWS KMS expertise: key policies, grants, rotation, and cross-account usage patterns.
• Strong working knowledge of IAM, identity design, and least-privilege access controls in cloud environments.
• Proven ability to build security automation (infrastructure-as-code, CI/CD integration, policy enforcement, developer enablement).
• Clear communication skills, able to write standards/runbooks and influence senior engineers and executives.

Nice to have

• Experience in trading, fintech, crypto, or other 24x7 and/or low-latency production environments.
• Experience building paved-road platforms (golden pipelines, secure templates, internal developer platforms).
• Familiarity with cloud security tooling ecosystems (CSPM/CIEM, vulnerability management, SAST/DAST, secrets tooling).

Culture & Benefits

• Work on security challenges unique to digital-asset liquidity and trading across venues.
• Build durable security capabilities for a high-impact, high-availability business.
• Diverse team with 42 nationalities.
• Predominantly remote work with regular online and offline hangouts.
• Pioneers in adopting Rust Development language for algorithmic trading.
• Support the growth of Web3 startups through an Accelerator Program.