Director of Security
About the Role
You will define, implement, and enforce comprehensive security and operational security policies across the organization. You will manage custodial wallet and on-chain operation security, implement key management and data retention strategies, and conduct regular risk assessments. You will lead crisis response for security incidents, oversee internal and external vulnerability assessments and penetration tests, manage bug bounty triage and security communication channels, and handle hardware provisioning and endpoint management. You will coordinate password and access controls, drive onboarding and offboarding processes for systems like Slack and JIRA, manage vendor security expectations, and ensure adherence to regulatory standards such as SOC2 and GDPR.
Requirements
- Proven experience in a senior security management role
- Strong understanding of security protocols, crisis management, and risk management
- Experience with IT infrastructure and vendor management
- Familiarity with compliance and regulatory frameworks such as SOC2 and GDPR
- Excellent communication and leadership skills
- Leadership experience in data science or software engineering (preferred)
- Knowledge of optimization theory, mechanism design, or computational economics (preferred)
- Solid mathematical and theoretical background applicable in practical settings (preferred)
- Ability to simplify complex concepts and mentor team members (preferred)
Responsibilities
- Develop and enforce comprehensive security and operational security policies
- Establish policies for managing and securing custodial wallets, Aera guardian, and on-chain operations
- Implement key management, rotation, and data retention strategies
- Identify potential risk vectors and conduct regular risk assessments
- Lead crisis management during security incidents
- Continuously review and ensure compliance with operational security policies
- Oversee internal and external vulnerability assessment and penetration testing processes
- Manage and triage the company’s bug bounty programs and monitor security communication channels
- Oversee hardware management and provisioning including managed laptops
- Manage password and access controls and coordinate onboarding and offboarding for systems like Slack and JIRA
- Handle vendor management to ensure external service providers meet security standards
- Ensure adherence to regulatory requirements such as SOC2 and GDPR as needed
Benefits
- Remote first work from anywhere
- Competitive packages with incentive based compensation opportunities
- Regular in-person company retreats and cross-country office visit perk
- 100% paid medical dental and vision premiums for employees
- Laptop monitor keyboard and mouse setup provided
- $1,000 WFH stipend upon joining
- $100 per month reimbursement for fitness-related expenses
- Monthly reimbursement for home internet phone and cellular data
- Unlimited vacation policy
- 100% paid parental leave of 12 weeks
- Fertility benefits
Skills
HardwareIt InfrastructureBug BountySoc2On-Chain OperationsPrivate Key ManagementKey ManagementOffboardingLeadershipAccess ControlGdprSecurityComplianceCommunicationVulnerability AssessmentOnboardingOperational SecurityCustodial WalletHardware ManagementCrisis ManagementVendor ManagementRisk ManagementPenetration Testing