Interdax is building a 3rd generation digital asset exchange. Our team comes from top HFTs and exchanges like Nasdaq and NYSE, as well as from well known firms in the blockchain space. We are a well-funded project (8-figure sum) currently operating in stealth mode.

In this role you will be responsible for delivering a trading platform with world-class robustness and security properties. You will develop the company’s risk management posture, threat model, and controls for securing Interdax’s cloud and bare metal infrastructure. This is a hands-on position where you will partner with other teams to help the firm meet regulatory and compliance requirements (SOC2, ISO27001, GDPR) and enhance Interdax’s security to meet enterprise grade standards.

Responsibilities

• Implement the BeyondCorp “zero trust” security model championed by Google
• Manage and grow Interdax’s InfoSec team.
• Manage relationships with Interdax’s outsourced application pen-testing and bug-bounty vendors
• Develop and collaborate on cloud hosted security control architectures, patterns, and processes.
• Apply your knowledge for addressing security challenges in Distributed Systems, High Performance Computing and Blockchain environments
• Partner with SRE, DevOps and Engineering teams on secure configuration management, logical perimeter design and oversight.
• Coordinate with all the InfoSec team members, aligning efforts to constantly improve platform security
• Although it’s not the primary responsibility, take part in operational readiness, incident response and recovery if required.
• Develop sustainable identity and access management solutions.
• Manage data access controls and data loss protection.

Requirements

• 10+ years of information security experience
• Proven history of delivering high-quality mission-critical software as part of a distributed services architecture.
• Experience defining and driving the security vision, as well as building security teams.
• Experience securing enterprise infrastructure involving:
  • Network security controls
  • Data Classification and Access Controls, DL
  • Identity and access management
  • SIEM and Security Operations
  • Anti-malware, ransomware and other end-user controls
  • IDS/IPS
• Experience meeting regulatory and compliance requirements (SOC2, ISO27001, GDPR or similar).
• Strong working knowledge of applied cryptography and cryptanalysis
• Strong familiarity with the security challenges in the blockchain/cryptocurrency space.
• Experience with vulnerability management platforms: Qualys,Tenable, etc
• Solid communication skills and excellent attention to detail, quality, and schedule
• Strong analytical, organizational, and technical writing skills
• BS, MS or PhD in computer science, or related security discipline.

Bonus Points

• An interest in financial markets and cryptocurrencies.
• Experience in a large financial institution or Fortune100 top tech firm
• Experience with HSMs and embedded security

Compensation and perks

• Competitive salary ($180k-$250k / year)

• Profit sharing (0.5 - 1%)
• 
Fully remote

• Flexible work hours
• 
Unlimited Vacation Policy
• 
Startup culture
• 
Team getaways