Infrastructure Security Engineer (Web3)

TL;DR

Infrastructure Security Engineer (Web3/DevSecOps): Designing and implementing security controls, automation, and monitoring across product and infrastructure environments with an accent on proactive threat actor identification and in-depth investigation of security issues. Focus on building automated tooling for secure configurations and integrating security into CI/CD pipelines and cloud-native architectures.

Location: Mandatory in-office presence four days per week in London

Company

A global crypto company connecting the world to the future of finance, facilitating over $1 trillion in transactions for millions of users.

What you will do

• Design and implement security controls, automation, and processes across product, platform, and infrastructure environments.
• Identify operational and technical security gaps and drive engineering initiatives to resolve them.
• Collaborate with SRE and engineering teams to integrate security into CI/CD pipelines and cloud-native architectures.
• Build automated tooling and services to enforce secure configurations and support continuous compliance.
• Conduct threat modeling, design reviews, and architectural assessments for systems.
• Participate in security incident response, providing engineering expertise and automation support.

Requirements

• 4+ years of experience in security engineering, platform security, or DevSecOps roles.
• Hands-on experience implementing security controls and automation within cloud environments (GCP or AWS preferred).
• Proficiency in Python, Bash, Go, Terraform, or similar infrastructure-as-code tools.
• Experience with Cloudflare (DDoS, WAF), OSS SIEM tools (Splunk, Elastic), or incident management platforms.
• Familiarity with CI/CD systems (Github Actions, Concourse, CircleCI) and HIDS systems (Wazuh preferred).
• Must be based in London to support a hybrid schedule (4 days/week in-office).

Nice to have

• Knowledge of security frameworks such as CIS Benchmarks, NIST, SOC2, ISO 27001, or PCI DSS.
• Experience building and maintaining a SIEM comprised of open-source and hosted components.
• Experience securing consumer-facing web and mobile (iOS/Android) applications.
• Experience designing policies and administering Hashicorp Vault.

Culture & Benefits

• Meaningful equity in an industry-leading crypto company.
• Unlimited vacation policy and a flexible work culture.
• Work from Anywhere policy allowing remote work for up to 20 days per year.
• Apple equipment and ClassPass membership.