Senior Security Engineer/Architect (Blockchain/Web3)

We’re hiring a Security Engineer/Architect with Blockchain experience who thrives in fast-moving environments, understands
technical depth, and can independently own security across multiple areas — from architecture and infrastructure to monitoring and investigations.
You’ll be joining a lean team with serious responsibilities — context switching and high autonomy are part of the job. The role is ideal for someone who prefers deep thinking over surface-level “best practices”.
You’ll play a key role in securing our systems and eventually take ownership of technical implementation and decision-making.
We are building a range of products — from an advanced crypto payment solution evolving into a full blockchain ecosystem with real-world impact, to a comprehensive platform featuring its own blockchain, non-custodial wallet, and stablecoin protocol designed for diverse use cases.

Requirements

• 5+ years in security engineering, with hands-on experience in DevSecOps and, preferably, Web3;
• Deep understanding of blockchain technologies and integration methods.
• Solid understanding of containerized infrastructure, Kubernetes
• Proven experience working with cloud platforms (AWS, GCP, any experience with bare metal infrastructure will be a huge plus);
• Deep understanding of security principles, such as least privilege, defense in depth, secure defaults, and trust boundaries;
• Strong knowledge of network security (e.g., TLS, VPNs, firewall rules, intrusion detection);
• Familiarity with common vulnerabilities and exploit patterns (e.g., SQLi, XSS, CSRF, SSRF, RCE);
• Understanding of encryption fundamentals (symmetric/asymmetric cryptography, key rotation, secure storage);
• Practical experience with identity and access management (IAM, RBAC, MFA, OAuth2, SSO);
• Proven track record securing production infrastructure (and SDLC as a whole). This also includes implementation and maintenance of the following:
• SIEM platforms;
• SAST/DAST tools;
• Infrastructure as Code (IaC) security scanning tools;

• Secrets management (any experience with highly secure HSM stores will be highly appreciated);

   

Would be a plus

• Expertise in blockchain solutions, VMs, and smart contracts, any prior Solidity experience will be a huge plus;
• Experience with high-performance transaction systems and distributed systems.
• Strong knowledge of microservices patterns, API design, and message brokers (e.g., RabbitMQ, Kafka).
• Familiarity with security policies and standards (e.g., NIST, ISO27001, CIS Benchmarks);
• Experience conducting or preparing for security audits or compliance assessments (SOC2, GDPR, etc.);
• Creating and maintaining playbooks for security incidents, access reviews, and response procedures;

Responsibilities

• Own and maintain internal security tooling (e.g., scanners, linters, alerting systems);
• Design, configure, and maintain security controls across infrastructure (firewalls, IAM policies, network segmentation);
• Continuously update threat models based on real usage and emerging attack patterns;
• Own access control systems for internal and on-chain resources (e.g., multisig ops, key custody, signer policies);
• Perform static and dynamic analysis of codebases, including integrating SAST/DAST tools into CI/CD;
• Stay up to date with emerging vulnerabilities, test their impact on internal systems, and patch proactively;
• Drive the integration of inner account ecosystem projects, ensuring smooth operation;
• Work with DevOps and other product teams to secure cloud and containerized infrastructure;
• Participate in optimization of the platform’s performance, reliability, and fault-tolerance capabilities;
• Act as a technical advisor, mentoring development teams and ensuring architectural consistency.
• Participate in design and implementation of secure architecture across all blockchain layers (Execution, Consensus, etc.);
• Manage security procedures for all core and periphery blockchain tools (explorer, validator portal, etc.);