About the company
Who We Are: Ethena Labs is building the first ETH based yield-bearing synthetic dollar. Arthur Hayes is a founding advisor and the team has deep experience across traditional finance and crypto engineering from firms such as Cerberus, Wintermute, Flow Traders, Deribit, Paradigm, Aave, Blockdaemon and Kaiko. We are backed by every major exchange and trading entities in the space. What we are Doing: We are building derivative infrastructure to enable Ethereum to transform into the Internet Bond via delta-neutral derivatives positions, to create the first crypto-native, yield bearing synthetic dollar: sUSDe. We believe creating a synthetic dollar which is not reliant on existing banking infrastructure is the single most important problem to solve and largest opportunity in crypto today. USDe will form the first part of a broader ecosystem of products we are building including fixed and floating rate internet bonds and composable repo leveraged markets.
Job Summary
## About the role:
As the Head of Security, you will lead and own the comprehensive security strategy for Ethena. You will report to the CTO and collaborate with our Fractional CISO. Functionally you'll be accountable for all day to day aspects of security, ensuring the protection of our assets, infrastructure, data, personnel, and facilities. This includes cybersecurity, blockchain security, physical security, and operational security.
This is a pivotal opportunity to build a security-first culture in a fast-paced, high-stakes environment where DeFi innovations meet real-world risks. You will collaborate closely with Product Engineering, DeFi Engineering, Security Engineering, DevOps and non-engineering teams to embed security into every facet of our operations, from smart contract development to physical site protections.
## Responsibilities:
šDevelop and execute a holistic security strategy encompassing cybersecurity, blockchain security, physical security, and operational security, aligning with industry standards (e.g., NIST, ISO 27001) and DeFi-specific risks.
šOversee blockchain and smart contract security, including audits, formal verification, secure key management, and protections against exploits like reentrancy or flash loan attacks.
šBuild and enforce a robust cybersecurity framework, including threat detection systems (e.g., SIEM, IDS/IPS), secure DevOps practices, penetration testing, and vulnerability assessments.
šManage physical security operations, including access controls, surveillance, executive protection programs, travel risk assessments, and site audits for offices, data centers, events, and key personnel residences.
šDrive compliance and regulatory alignment, achieving milestones such as SOC 2 and ISO 270001; prepare for audits and liaise with regulators.
šEstablish incident response and crisis management plans, conducting simulations, drills, and rapid recovery for cyber, physical, or hybrid threats to minimize downtime and losses.
šFoster a security-first culture through training, workshops, and integration of security-by-design principles across all teams.
šLead and scale the security team, hiring and mentoring Senior/Staff Security Engineers (and potentially physical security specialists), while overseeing the Security Engineering team.
šImplement real-time monitoring, threat intelligence, and performance metrics for digital and physical assets.
šManage security budgets, vendor relationships, and resources to optimize effectiveness.
šFuture-proof security for growth, anticipating emerging threats in DeFi and adapting systems for new products, integrations, and expanded operations.
## Requirements:
š10+ years of progressive experience in security leadership roles, with demonstrated expertise in cybersecurity, physical security, and risk management, preferably in fintech, crypto, or high-tech environments.
šProven track record in developing and implementing comprehensive security strategies, including blockchain/DeFi security (e.g., smart contract auditing, cryptographic protocols) and physical protections (e.g., executive security, facility assessments).
šStrong leadership skills with experience building and mentoring high-performing teams, including oversight of engineers and coordination with cross-functional stakeholders.
šExpertise in incident response, crisis management, threat intelligence, and compliance frameworks (e.g., SOC 2, ISO 27001, GDPR, AML/KYC); experience achieving certifications is highly desirable.
šProficiency in secure software development, infrastructure security (e.g., cloud, Kubernetes, AWS), and tools for monitoring, automation, and vulnerability mitigation.
šExcellent communication and collaboration abilities to convey complex security concepts to technical teams, executives, regulators, and non-technical stakeholders.
šStrategic thinker with adaptability in dynamic environments, strong problem-solving, and a proactive approach to risk management.
šExperience in budget and vendor management for security operations.
šBachelor's or Master's degree in Computer Science, Information Security, or a related field; advanced certifications such as CISSP, CISM, CRISC, or similar are a plus.
šFamiliarity with DeFi-specific risks and technologies is highly desirable.
**If this role isn't the perfect fit, there are plenty of exciting opportunities in blockchain technology, cryptocurrency startups, and remote crypto jobs to explore. Check them on our Jobs Board.**
