Crypto Security Engineer (Web3)

Формат работы

onsite

Тип работы

fulltime

Грейд

senior

Английский

Страна

Вакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:

TL;DR

Crypto Security Engineer (Web3): Securing off-chain trading processes and infrastructure for institutional financial operations with an accent on risk assessments, key custody interfaces, and operational security. Focus on implementing monitoring for security signals, performing threat modeling, and ensuring the resilience of trading tools against external threats and internal errors.

Location: London

Company

hirify.global is a global crypto company facilitating secure access to cryptocurrency for over 90 million wallet holders.

What you will do

Map inventory trading systems, data flows, third-party integrations, and custody/settlement touchpoints.
Conduct deep-dive assessments to identify structural vulnerabilities and draft strategic Risk Treatment Plans (RTP) based on NIST and DORA standards.
Act as the primary security liaison for senior management and vendors, translating technical gaps into business risk summaries.
Implement and maintain monitoring for FinOps-specific security signals using SIEM/SOAR for real-time response.
Manage secrets and key-management hygiene using KMS/Vault, ensuring least-privilege access and automatic rotation.
Triage SAST/SCA findings for FinOps repositories and participate in incident post-reviews.

Requirements

5+ years of experience in security engineering, platform security, or application security.
Proven expertise in structured Threat Modeling (e.g., STRIDE) of complex data flows.
Experience with observability and detection tooling (SIEM, logs, metrics).
Practical experience with KMS/HSM, secrets management (Vault, AWS/GCP KMS), and IAM patterns.
Ability to audit Pull Requests in TypeScript, Java/Kotlin, or Python.
English: C1 level required to communicate complex risks to C-suite stakeholders.

Nice to have

Familiarity with trading systems, market-making, execution, or settlement.
Exposure to on-chain hirify.global concepts (wallets, addresses, transactions).
Knowledge of SOC operations and post-incident forensic analysis.
Familiarity with SOC2, ISO 27001, or financial audit requirements.

Culture & Benefits

High-visibility role embedded within the Institutional Trading and FinOps team.
Commitment to diversity, inclusion, and equal opportunity employment.
Opportunity to work at one of the most trusted global crypto companies.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →