Head of Security (External)

Serotonin • Full-time • New York • 12h ago

Our Client is a company that is pioneering Web3 venture studio dedicated to creating and supporting blockchain projects with a focus on scalability, sustainability, and decentralized technology. Their mission is to build products and solutions that empower developers, businesses, and individuals to thrive in the Web3 ecosystem.

The team brings deep expertise in blockchain infrastructure, protocol development, and community engagement, working to make decentralized technologies accessible and impactful. With a strong emphasis on innovation and collaboration, they aim to shape the future of blockchain by providing tools, platforms, and ecosystems that drive adoption and foster long-term growth in the decentralized economy.

About this role

We are seeking a Head of Security responsible for taking a critical role in upholding the security of all products, from conceptual in their design to completion. Your role will extend beyond ensuring the security of individual applications to encompassing the broader landscape of blockchain network security. This involves not only the meticulous protection of individual applications but also the continuous monitoring and fortification of the entire blockchain network.

Key Responsibilities:

You would be the owner of security of new and existing products through pentesting and threat modeling, and contributing towards internal tooling and integration to ensure that security is baked into the software development lifecycle.
Oversight of cryptographic key management and encryption strategies to safeguard data integrity.
Integration of security practices seamlessly into the DevOps pipeline, ensuring that security is not a hindrance but an integral part of the development lifecycle
Build a comprehensive, prioritized assessment of the security risks that our on/of chain products face and a roadmap for mitigating those risks
Develop on/off chain security strategies and provide security guidance for new on/off chain products and technologies
Support teams in reviewing, auditing, and securing novel smart contracts and pallets
Review systems to secure digital assets (e.g. cryptocurrency) from attackers.
Engineers will come to you as a trusted source of guidance for the secure development and maintenance of their products. Your insight will be consulted for strategic technical decisions, to guarantee that security is not an afterthought in our technical roadmap.
Your responsibilities include overseeing the cryptographic security measures implemented in our decentralized systems.
Conducting security risk assessments, audits, and vulnerability studies to identify vulnerabilities and risks, and develop action plans to mitigate them.
Developing and implementing cohesive policies, procedures, and training programs.
Promoting positive security culture, risk management, and security awareness.

Key Qualifications:

4+ years proven experience as a security lead.
Require in-depth knowledge of consensus algorithms, cryptographic security mechanisms, and smart contract security, with a focus on those used in Polkadot, Ethereum, Solana, Cosmos, and Binance ecosystems.
Experience in Security Architecture , specially with respect to the applications building on top of blockchain networks.
Experience in blockchain-specific incident response and threat intelligence, including real-time monitoring of network activities, anomaly detection, and quick response to security breaches.
Proficiency in using blockchain analytics tools for security monitoring and forensics.
Proven experience in conducting smart contract audits or pallets, with a focus on identifying and mitigating vulnerabilities in smart contracts across various blockchain platforms.
Prior work experience in blockchain/cryptocurrency fields.
Understanding of network security (incl. Network and Host IDS/IPS, WAF, SIEM, Antimalware, DLP, URL filtering, other).
Secure coding and Security Testing knowledge (SAST and DAST), Vulnerability management.
Understanding of OWASP top ten web application security risks.
Understanding of the Polkadot ecosystem.
Hands-on experience implementing security protocols for both pallets and smart contracts.

What We Offer:

Flexible hours and a dedicated remote budget
28 vacation days
A Macbook, and other tech to help you to do your job
The opportunity to build and contribute to high-impact projects in a new industry that will positively shape the lives of hundreds of millions of people.
High growth potential. Room to grow professionally, while learning new skills and working at the cutting edge of the decentralized Machine Economy.
A warm and open culture at an international organization with team members from all four corners of the globe.