Senior Security Engineer

About the job

We are working with a decentralised exchange which looks to innovate on providing the best of CEXs and DEXs, focusing on building a safe, simple and scalable platform for trading. They differentiate themselves by offering institutional level systems and support whilst remaining on-chain and decentralised. We are in search of a Security Engineer to join their vibrant team, where you will play a crucial role in pinpointing risks across the organisation. Collaborating with each team, you will focus on identifying, alerting, mitigating, and preventing risks. This role offers you the chance to contribute to shaping, constructing, and pioneering security solutions in a swiftly evolving industry. What You’ll Be Doing ●       Architecting, implementing, and managing comprehensive security solutions.

●       Establish and enforce security policies, standards, and guidelines that comply with industry regulations and best practices.

●       Participate in penetration testing and purple teaming with ongoing or new projects to ensure their security posture is at a high level.

●       Monitor and respond to security incidents, ensuring quick resolution.

●       Build automation and leverage security frameworks with engineers that are able to improve security and reduce friction.

●       Take part in critical discussion topics, with the ability to challenge decisions and the status quo; we take collaboration and feedback seriously, believing it is one of the foundational principles of a great team.
 What We’re Looking For ●       Strong Information Security (InfoSec) skills, with proven experience in application security or a relevant field.

●       Hands-on experience of developing, engineering, or architecting within a public cloud environment.

●       Experience with engineering, using infrastructure-as-code (such as Terraform and Ansible).

●       Experience with performing threat modelling exercises or a very good understanding of the methodology and ability to assess a project's risk.

●       Understanding of container and DevSecOps concepts (we use DefectDojo) with CI/CD experience.

●       Familiarity with blockchain technology and cryptocurrency trading platforms.
 Bonus Points ●       Professional certifications such as OSCP, CISSP, CDP & CMTP.

●       Experience with IT security frameworks such as SOC 2 and ISO 27001.