Security Engineer

My client is building at the intersection of institutional finance and emerging technology. With $40M in funding from Electric Capital and Paradigm, they are bringing together the best minds from Ethereum and Wall Street to rebuild the infrastructure that underpins the financial system—faster, safer, fully on-chain.

Security is not a cost center here. It is a client-facing differentiator and a core part of how we earn trust with the institutional counter parties we serve. The security program you help build will be referenced in client due diligence packages, auditor engagements, and enterprise contract negotiations.

You will report directly to the CISO, operate with technical autonomy, and have the organizational support to execute a security program that is genuinely production-grade.

My client is building its security program from the ground up, and doing it right. While we are still at the startup level, we are moving rapidly toward enterprise grade security controls, processes, and procedures. They are hiring a Security Engineer who will serve as the hands-on execution layer of a security strategy designed by the CISO and backed by organizational investment.

This is not a compliance checkbox role. This is a builder role.

You will be executing the technical implementation of a modern, cloud-native security stack, standing up identity enforcement, endpoint protection, cloud posture management, threat detection, and GRC evidence pipelines that are production-grade and auditor-credible. You will work directly with the CISO to accelerate our security timeline, improve controls, and create the automation infrastructure that compounds in value across every future review cycle.

The work you do here becomes the foundation my client scales on for years to come. If you want to build something that matters and have your fingerprints on a security program early in its journey, this is that role.

This role is a direct investment in my client's revenue acceleration and operational scalability. You will succeed in this role by delivering:

• Accelerated Security Improvement: Partnership with the CISO for hands-on, parallel, technical execution, across many aspects of security engineering and GRC.
• Improved Audit Quality: Effective, well-optimized, technical integrations that produce clean, timestamped, auditor-legible evidence chains across every control.
• Automation Compounding: Secure, automated processes for threat prevention, detection, & response that scale with the company's growth.

• Design, deploy, and maintain core security controls across identity, endpoint, cloud, and application layers. including SSO/MFA enforcement, MDM, EDR, CSPM, secrets management, and DLP
• Own the technical integration of security tooling across the organization's environment, ensuring controls are properly configured, enforced, and producing auditor-credible evidence, not just deployed
• Take responsibility for the technical execution of the organization's security roadmap under the direct guidance and support of the CISO, driving parallel work streams across infrastructure, GRC, and daily operations.

• Build and maintain detection coverage across all cloud and endpoint systems; validate alert paths through formal, documented test scenarios
• Monitor security alerts and logs for anomalous activity; investigate potential incidents and deliver timely, structured updates to the CISO

• Lead the vulnerability management lifecycle: scanning, triage, SLA-tracked remediation, and patching verification across cloud workloads, endpoints, and system dependencies.
• Maintain a complete inventory of non-human identities (service accounts, API keys, bot tokens, Lambda roles) including ownership, rotation schedules, and expiry tracking

• Identify and implement automation across security controls, alerting, evidence collection, and operational workflows to reduce manual burden and improve program scalability
• Proactively identify gaps in the security posture and…