Principal Security Architect (Web3)

TL;DR

Principal Security Architect (Web3): Setting the architectural direction and security standards for institutional digital asset infrastructure with an accent on MPC-based custody and multi-chain integrations. Focus on designing secure signing flows, governing identity and access architecture, and ensuring the security of settlement and collateral surfaces.

Location: Hybrid working model in London, UK

Company

hirify.global provides institutional digital asset custody, settlement, and collateral management services using state-of-the-art MPC technology.

What you will do

• Act as the senior technical authority for security architecture, providing formal sign-off for major platform and infrastructure changes.
• Lead the architectural design of MPC-based signing infrastructure, transaction construction, and key lifecycle operations.
• Evaluate security across multiple blockchain families (EVM, UTXO, non-EVM) and assess third-party smart contract risk surfaces.
• Own and govern the identity and access architecture across Entra ID, federated SSO, OAuth2/OIDC, and SAML.
• Develop cloud security reference patterns for AWS and Azure, covering network topology and secrets handling.
• Conduct technical security reviews of vendors and protocols and support counterparty due diligence.

Requirements

• Deep architectural literacy in multi-chain environments (EVM, UTXO) including signing, consensus, and validator models.
• Strong conceptual grasp of threshold signing, signature schemes, and MPC operational architecture.
• Senior-level experience designing identity and access architecture (OIDC, SAML, Entra ID).
• Working architectural knowledge of AWS and Azure cloud security.
• Proven track record of holding formal security sign-off for significant system designs.
• Must be based in London to support a hybrid working model.

Nice to have

• Familiarity with verifiable builds, reproducible pipelines, and hardware-backed code signing.
• Awareness of digital asset regulations such as FCA, FINMA, and MiCA.
• Experience mapping controls between ISO 27001, SOC 2, and NIST CSF.
• Grounding in enterprise architecture frameworks like TOGAF or SABSA.

Culture & Benefits

• Minimum of 35 days paid time off per year, increasing with service.
• Comprehensive medical insurance including dental, optical, and mental health.
• Enhanced employer matching pension contributions and life insurance.
• Hybrid working model combining flexibility with in-person collaboration.
• 24/7 Employee Assistance Programme (EAP).

Hiring process

• Initial screening with the Talent Acquisition team.
• Virtual technical interview via Microsoft Teams focusing on problem-solving and experience.
• In-person interview focused on team dynamics, collaboration, and leadership.