Interdax is building a 3rd
generation digital asset exchange. Our team comes from top HFTs and
exchanges like Nasdaq and NYSE, as well as from well known firms in the
blockchain space. We are a well-funded project (8-figure sum) currently
operating in stealth mode.
In this role you will be responsible for delivering a trading platform with world-class robustness and security properties. You will develop the company’s risk management posture, threat model, and controls for securing Interdax’s cloud and bare metal infrastructure. This is a hands-on position where you will partner with other teams to help the firm meet regulatory and compliance requirements (SOC2, ISO27001, GDPR) and enhance Interdax’s security to meet enterprise grade standards.
- Implement the BeyondCorp “zero trust” security model championed by Google
- Manage and grow Interdax’s InfoSec team.
- Manage relationships with Interdax’s outsourced application pen-testing and bug-bounty vendors
- Develop and collaborate on cloud hosted security control architectures, patterns, and processes.
- Apply your knowledge for addressing security challenges in Distributed Systems, High Performance Computing and Blockchain environments
- Partner with SRE, DevOps and Engineering teams on secure configuration management, logical perimeter design and oversight.
- Coordinate with all the InfoSec team members, aligning efforts to constantly improve platform security
- Although it’s not the primary responsibility, take part in operational readiness, incident response and recovery if required.
- Develop sustainable identity and access management solutions.
- Manage data access controls and data loss protection.
- 10+ years of information security experience
- Proven history of delivering high-quality mission-critical software as part of a distributed services architecture.
- Experience defining and driving the security vision, as well as building security teams.
- Experience securing enterprise infrastructure involving:
- Network security controls
- Data Classification and Access Controls, DL
- Identity and access management
- SIEM and Security Operations
- Anti-malware, ransomware and other end-user controls
- Experience meeting regulatory and compliance requirements (SOC2, ISO27001, GDPR or similar).
- Strong working knowledge of applied cryptography and cryptanalysis
- Strong familiarity with the security challenges in the blockchain/cryptocurrency space.
- Experience with vulnerability management platforms: Qualys,Tenable, etc
- Solid communication skills and excellent attention to detail, quality, and schedule
- Strong analytical, organizational, and technical writing skills
- BS, MS or PhD in computer science, or related security discipline.
- An interest in financial markets and cryptocurrencies.
- Experience in a large financial institution or Fortune100 top tech firm
- Experience with HSMs and embedded security
Compensation and perks
- Competitive salary ($180k-$250k / year)
- Profit sharing (0.5 - 1%)
- Fully remote
- Flexible work hours
- Unlimited Vacation Policy
- Startup culture
- Team getaways