Responsibilities

📍Infrastructure and network security 📍Take ownership of and actively implement baseline cloud, container, and application security standards, ensuring they are integrated into our stack, including regular use of vulnerability scanning tools. 📍Harden bare-metal servers and deploy security tooling (e.g., AV/EDR, IDS/IPS, DLP, Logging & Monitoring), taking a hands-on role in the setup and maintenance. 📍Collaborate with external providers to plan and oversee penetration tests, ensuring identified vulnerabilities are prioritized and addressed. Blockchain security 📍Actively improve key management processes, focusing on protecting high-risk blockchain keys with Hardware Security Modules (HSMs) or equivalent solutions. 📍Proactively monitor and assess blockchain-exposed surfaces, personally reviewing internal and external endpoints for exploitable vulnerabilities. 📍Collaborate with external providers to plan and oversee security audits and reviews of smart contracts and blockchain components, ensuring actionable improvements are identified and addressed. 📍Compliance 📍Collaborate with teams to maintain clear, up-to-date security documentation, including reference architectures and operational procedures. 📍Personally implement security architecture, methods, and controls required to meet compliance and audit requirements, ensuring execution is prioritized. 📍Incident response 📍Lead the investigation, containment, and resolution of security incidents, taking a proactive, hands-on approach. 📍Conduct detailed postmortems to identify root causes and establish preventive measures.

##Requirements 📍Deep familiarity with key management best practices and encryption fundamentals. 📍Strong understanding of defensive security tools and methodologies, including their practical application in dynamic environments. 📍Proven experience implementing and maintaining security systems, such as SIEM, endpoint protection, network detection, vulnerability scanning, and cloud security tooling. 📍Understanding of blockchain security, including securing blockchain systems, assessing smart contracts, and implementing robust key management processes. 📍Familiarity with vulnerability scanning tools, penetration testing and code audit processes. 📍Excellent communication and technical documentation skills. 📍Familiarity with compliance frameworks and certification processes is a plus. 📍Have an AI-first mindset. At Nansen, AI is not just a tool - it's a mindset. Ideal candidates are those who enthusiastically embrace AI tools and techniques to streamline processes and elevate outcomes