About the company
Copper is a digital asset technology company dedicated to helping institutional investors safely acquire, trade, and store crypto assets. Built and led by Dmitry Tokarev, a software and financial engineering specialist, the firm provides a comprehensive suite of custody, trading and settlement solutions that reduce counterparty risk and bring greater capital and operational efficiency to digital asset markets. At the heart of Copper's offering is Multi-Party Computation (MPC) technology – the gold standard in secure custody. Copper’s multi-award winning custody system is unique in that it can be connected to centralised exchanges, DeFi applications and even staking pools without the assets leaving the custody. Built on top of this state-of-the-art custody, ClearLoop™ is the first solution in the market that overcomes a growing industry challenge; counterparty risk with exchanges. This solution underpins a full prime services offering, connecting global exchanges and enabling customers to trade and settle directly from the safety of their MPC-secured wallets. By reducing settlement time for transfers to a few milliseconds (without blockchain network dependency) and offering enhanced security measures, ClearLoop™ is rapidly reshaping the way asset managers trade and manage capital. In addition to industry-leading security certifications, Copper has one of the strongest insurance coverages in the industry from an A+ rated insurer, positioning the firm as the partner of choice for institutions seeking to safeguard their assets.
Job Summary
Key Responsibilities of the role
📍Security Systems Configuration and Analysis 📍Configure security systems according to specified requirements. 📍Analyse current security setups and recommend improvements to enhance security posture. 📍Deploy and assess security baseline hardening (CIS, Microsoft, STIG). 📍Identity and Access Management (IAM) 📍Responsible for configuring and implementing 📍Identity and Access Management solutions and supporting systems, including Entra ID (AAD), Identity Governance, and AWS Identity Centre. 📍Manage permission settings and access controls to ensure secure and efficient user access to company resources. 📍Security Practices and Technical Advice 📍Consult with staff, managers, and executives to advocate best security practices. 📍Provide technical advice on security measures and potential enhancements. 📍Create or update policies and procedures to align with industry regulations and best practices. 📍Security Risk Management 📍Manage vulnerability scanning tools to identify and mitigate security risks across endpoints and cloud infrastructure. 📍Conduct risk assessment activities to identify potential threats and develop plans to address vulnerabilities. 📍Ensure security controls comply with SOC2 framework and other regulatory requirements. SIEM Management and Log Analysis 📍Design and implement solutions for log shipping to managed SIEM systems, such as Microsoft Sentinel. Expectation for this role is you will oversee the integration of diverse data sources, including network logs, application logs, and security feeds, to enhance the analytical capabilities of our security systems. 📍Assist Security Operations team to tune and create alert logic for SIEM and other security tools to effectively monitor and respond to security incidents. 📍Security Solution Inventory and Maintenance 📍Maintain an inventory of security solutions like firewalls and anti-virus software. 📍Regularly review and recommend changes or upgrades to existing security tools. 📍Scripting and Automation 📍Utilise PowerShell/Bash scripting for automation of security tasks. 📍Develop and maintain scripts for efficient operation and response within the security infrastructure
Your experience, skills and knowledge
📍Demonstrated expertise in securing corporate environments with Microsoft 365 and Azure Security tools 📍Skilled in leveraging AWS security services to fortify cloud infrastructure 📍Proven experience in managing and securing a diverse range of devices using Jamf Pro and Jamf Protect. Like Windows, macOS, Android, and iOS operating systems. 📍Demonstrated ability in using scripting languages like PowerShell, Bash, and Python to automate security tasks, streamline processes, and enhance system efficiencies. 📍Proficient in the management and analysis of logs from various sources, including endpoints, SaaS platforms, and custom applications. 📍Skilled in the assessment and hardening of operating systems and SaaS applications, adhering to CIS and STIG standards. This includes a comprehensive understanding of the best practices in system security and the application of thepractices to ensure robust defence against cyber threats. 📍Experience in configuring and managing Secure Web Gateways, such as Zscaler, iBoss, and Netskope, to protect against web-based threats and enforce company security policies