Security Engineering/Architecture Lead

The PolySign Information Security team is looking for a Security Engineering/Architecture Lead, reporting to the Chief Information Security Officer (CISO), to secure our digital asset platform. This is a hands-on leadership role for an experienced professional to build a highly advanced digital asset platform at a well-funded, fast-growing organization.

Our company mission is to build products to increase the adoption of digital assets. Founded in 2017, PolySign has luminaries in both the cryptocurrency and financial services spaces working to solve the biggest problems in the industry.

What You’ll Do

• own the overall security of the PolySign platform
• work closely every day with engineering and product teams on all security aspects of the platform
• provide expert guidance in cryptography and key management for engineering teams
• engage in extensive threat modeling, lead security reviews of both architecture and code, and organize testing and mitigation
• document the security of the system for both internal and external audiences
• establish and enhance security protocols that protect systems on an ongoing basis
• shape the engineering culture, providing training on security topics and skills

Who You Are

• have a deep sense of ownership, with a positive attitude and strong commitment to deliver exceptional work
• thrive in a startup environment...versatile
• able to understand diverse perspectives and willing to challenge established thinking
• bring clarity to complex problems and deliver elegant solutions
• write exceptional documentation...impeccable attention to detail
• prioritize learning and development
• self-starter able to work independently with minimal direction
• driven to build an amazing product in the digital assets space

Essential Qualifications

• 5+ years hands-on professional experience with security engineering and architecture
• advanced skill set in cryptography and blockchains
• command of industry best practices and frameworks (eg, ISO2700x, NIST, CIS, CSA)
• performed secure code reviews, threat modeling, and security testing
• extensive security engineering/architecture experience with:
  • cloud providers, particularly AWS, and containers (eg, Kubernetes/EKS)
  • HSMs and certificate management
  • mobile (iOS and Android)

Preferred Qualifications

• familiarity with rust, python, javascript, iaas tools (eg, terraform, yaml)
• experience with regulated organizations and assessment frameworks (eg, SOC/SSAE)
• policy development
• team management
• CISSP/CISA/CISM or related certification