OpenEden
IT Security Lead
NEWJob Description
[AI-summarized by JobStash]
You will oversee and enhance security across cloud infrastructure, internal systems, and digital asset operations. You will design, implement, and manage security controls, perform security reviews of new features and integrations, and maintain the Technology Risk Management register. You will identify and remediate threats, vulnerabilities, misconfigurations, and access risks, monitor system health, investigate alerts, and lead incident response and recovery. You will own relationships with security vendors, lead third-party and vendor risk reviews, and support disaster recovery and resilience testing. You will design and maintain institutional-grade wallet and transaction security controls to protect minting and redemption processes.
Requirements
- ā5ā8 years in IT security, security engineering, or DevSeCOps with at least 2ā3 years in crypto or web3 environments
- āExperience working within a regulated environment (e.g. MAS, BMA, FCA, SEC) preferred
- āStrong hands-on experience in cloud security, preferably AWS (IAM, logging, networking)
- āStrong understanding of blockchain security fundamentals including Ethereum/EVM, smart contract vulnerabilities, and oracle risks
- āHands-on ability to design and implement security solutions independently
- āExperience working with or managing external security vendors
- āExperience in startups or fast-moving environments
- āFamiliarity with custody providers (e.g. Fireblocks) preferred
- āExperience supporting audits such as ISO and SOC2 preferred
Responsibilities
- āOwn and maintain security controls across AWS including IAM, access, logging, and network security
- āIdentify and remediate threats, vulnerabilities, misconfigurations, and access risks across systems
- āMaintain and actively manage the Technology Risk Management register including risk identification, tracking, and remediation
- āPerform security reviews of new features, smart contract integrations, and system architectures prior to launch
- āManage security vendors including MSSP, monitoring tools, and Web3 security providers
- āMonitor system health, investigate security alerts, and lead incident response and escalation
- āDesign and maintain institutional wallet and transaction security controls for minting and redemption
- āLead third-party and vendor risk reviews and technical due diligence for integrations and protocols
- āSupport testing and continuous improvement of disaster recovery and resilience processes
- āMaintain and enhance recovery procedures for critical systems
Benefits & Perks
- āEmployee Stock Option Scheme eligibility
- āToken incentive allocation
- āFlexible work arrangements