About the company
The World's Leading Cryptocurrency Platform
Job Summary
Responsibilities
📍 Conduct, design, and implement testing of security controls covering identity management, key management, and infrastructure (network and cloud) configurations.
📍 Support client assurance activities, including responding to Requests for Proposals (RFPs), Requests for Information (RFIs), and Due Diligence Questionnaires (DDQs).
📍 Identify and analyze trends in client inquiries and provide feedback to internal teams to improve documentation and control readiness.
📍 Perform security due diligence and ongoing monitoring for Web3/blockchain vendors, including assessing their control maturity, reviewing SOC reports and security documentation, and identifying residual risks.
📍 Facilitate external audit activities, including coordination of walkthroughs, evidence collection, and response tracking.
📍 Identify and analyze gaps in current and new processes, then develop and track remediation recommendations to completion (e.g., onboarding flow).
📍 Develop and maintain understanding of applicable financial regulatory security requirements and ensure alignment of controls.
📍 Research and share information security best practices, emerging threats, and mitigation strategies with internal teams.
📍 Evaluate and propose next-generation security tools, automation, and technologies to enhance overall security posture.
📍 Review blockchain network or protocol upgrades for their potential security impact on the platform.
Requirements
📍 At least 8 years of relevant experience in security assurance, audit, compliance, or cloud security engineering.
📍 Demonstrated experience testing and validating security controls across IAM, key management, and network/cloud environments.
📍 Strong understanding of Identity and Access Management (IAM) principles.
📍 Knowledge of cryptographic key management, HSMs, and KMS systems.
📍 Solid grasp of cloud and network security architecture and configuration.
📍 Proven experience supporting SOC 1, SOC 2, ISO 27001, PCI DSS, or similar external audits and assessments.
📍 Exposure to major cloud platforms (AWS, GCP, Azure) and infrastructure-as-code.
📍 Experience in preparing client assurance materials, RFP/RFI/DDQ responses, and evidence documentation.