Principal Security Architect

Role Purpose

The Principal Security Architect is the senior technical authority for security architecture  role reports to the CISO and partners closely with Engineering. The holder sets architectural direction, reviews and approves designs for major change, and acts as the firm's reference point on the security of the systems, protocols, and integrations Copper depends on. The role is predominantly architecture and assurance, with limited hands‑on solution design in the cloud and integration space where reference patterns are needed.

• Hold formal security sign‑off authority for major changes to Copper's platforms, infrastructure, and integrations.
• Shape and maintain the security architecture patterns, principles, and reference designs that engineering teams build against.
• Provide the senior technical security position in architectural and business decisions, including escalations where security and delivery pressures conflict.

• Provide architectural security leadership over Copper's signing infrastructure, working alongside specialist engineering and cryptography teams. Scope covers the people, process, and operational design around MPC‑based signing. Solid conceptual grounding in threshold cryptography and signature schemes is required; cryptographer‑level work is not.
• Review and approve changes to transaction construction, signing flows, approval policy, and key lifecycle operations.
• Provide architectural assurance over chain‑of‑trust constructs adjacent to custody, including verifiable build pipelines, hardware‑backed code signing, and authenticator‑bound administrative paths.

• Reason at architectural depth across the range of blockchains Copper supports, including EVM, UTXO, and account‑based non‑EVM families. This requires a working understanding of transaction construction, signing semantics, consensus assumptions, and validator and staking models across these environments, without being a protocol engineer in any of them.
• Assess third‑party smart contract architectures, implementations, and audit reports to a level sufficient to understand the exploit and risk surface, without performing line‑by‑line code review.
• Review first‑party integrations with partner networks, including those underpinning staking and similar on‑chain participation, and form a defensible security position on the operational and contract risk Copper inherits.

• Provide architectural ownership of the security model for Copper's settlement, collateral mirroring, and off‑exchange product surfaces.
• Reason about the trust boundaries between Copper, venues, and clients, and ensure architectural controls match the obligations each side carries.

• Own identity and access architecture as a dedicated pillar of the role.
• Set patterns for workforce, workload, and third‑party identity across Entra , federated SSO, OAuth2 / OIDC, SAML, and modern authenticators.
• Govern entitlement design, privileged access, and access models for contractors, vendors, and external operators.

• Maintain working architectural fluency in both AWS and Azure, including network topology, segmentation, secrets handling, and platform telemetry.
• Produce reference patterns and, where needed, direct integration designs in the cloud and platform space.

• Lead technical security review of vendors, integrated venues, and protocols, including challenge of assurances that do not stand up to scrutiny.
• Support client and counter party due diligence on the technical content most likely to be misrepresented or under‑specified.

• Maintain a working understanding of the regulatory regimes applicable to Copper's licensed entities sufficient to translate architectural decisions into language Compliance and GRC can defend. Primary ownership of regulatory positioning sits elsewhere.
• Contribute to security policy, standards, and control framework development as the senior technical reviewer.
• Partici…