Summary

We are seeking a Head of Security responsible for taking a critical role in upholding the security of all products, from conceptual in their design to completion. Your role will extend beyond ensuring the security of individual applications to encompassing the broader landscape of blockchain network security. This involves not only the meticulous protection of individual applications but also the continuous monitoring and fortification of the entire blockchain network.

Key Responsibilities:

1. You would be the owner of security of new and existing products through pentesting and threat modeling, and contributing towards internal tooling and integration to ensure that security is baked into the software development lifecycle.
2. Oversight of cryptographic key management and encryption strategies to safeguard data integrity.
3. Integration of security practices seamlessly into the DevOps pipeline, ensuring that security is not a hindrance but an integral part of the development lifecycle
4. Build a comprehensive, prioritized assessment of the security risks that our on/of chain products face and a roadmap for mitigating those risks
5. Develop on/off chain security strategies and provide security guidance for new on/off chain products and technologies
6. Support teams in reviewing, auditing, and securing novel smart contracts and pallets
7. Review systems to secure digital assets (e.g. cryptocurrency) from attackers.
8. Engineers will come to you as a trusted source of guidance for the secure development and maintenance of their products. Your insight will be consulted for strategic technical decisions, to guarantee that security is not an afterthought in our technical roadmap.
9. Your responsibilities include overseeing the cryptographic security measures implemented in our decentralized systems.
10. Conducting security risk assessments, audits, and vulnerability studies to identify vulnerabilities and risks, and develop action plans to mitigate them.
11. Developing and implementing cohesive policies, procedures, and training programs.
12. Promoting positive security culture, risk management, and security awareness.

Key Qualifications:

1. 4+ years proven experience as a security lead.
2. Require in-depth knowledge of consensus algorithms, cryptographic security mechanisms, and smart contract security, with a focus on those used in Polkadot, Ethereum, Solana, Cosmos, and Binance ecosystems.
3. Experience in Security Architecture , specially with respect to the applications building on top of blockchain networks.
4. Experience in blockchain-specific incident response and threat intelligence, including real-time monitoring of network activities, anomaly detection, and quick response to security breaches.
5. Proficiency in using blockchain analytics tools for security monitoring and forensics.
6. Proven experience in conducting smart contract audits or pallets, with a focus on identifying and mitigating vulnerabilities in smart contracts across various blockchain platforms.
7. Prior work experience in blockchain/cryptocurrency fields.
8. Understanding of network security (incl. Network and Host IDS/IPS, WAF, SIEM, Antimalware, DLP, URL filtering, other).
9. Secure coding and Security Testing knowledge (SAST and DAST), Vulnerability management.
10. Understanding of OWASP top ten web application security risks.
11. Understanding of the Polkadot ecosystem.
12. Hands-on experience implementing security protocols for both pallets and smart contracts.

Skills

• Analytical Thinking
• Cryptocurrency
• Risk Analysis
• Smart Contract Audit
• Software Architecture