Founded in 2014, Ledger is the global leader of security solutions and infrastructure for cryptocurrencies and blockchain applications, with more than 3.5 million users in 165 countries. Ledger combines hardware and software expertise to secure billions of dollars worth of almost 2,000 different crypto assets - worldwide, 15% of these assets are managed through the Ledger ecosystem.
To sustain our growth, you will take a lead role in the continued innovation of Ledger’s Cyber Security strategy by defining, conveying and embedding security best practices within Ledger’s architectural, change and technical communities.
Reporting to the Head of Security Change and Assurance, you will be a key member of the Cyber Security/Information Security team and will be relied upon by the architecture, infrastructure and platforms teams to play a key role in ensuring fast, efficient, secure delivery of change programmes.
Your key interfaces in this role would be: our Head of Security Change and Assurance but also Enterprise Security Architect, Solutions Architects, risk department, Business and Project sponsors and Product Owners.
Your overall mission will be as follow:* Embed a culture of security within Ledger’s wider community of Architects, SMEs and change teams in an accountable, efficient and proactive manner* Be a leader in understanding emerging and existing security technologies and introducing them to the overall environment* Design, develop, and implement security controls and tools that improve the defence of Ledgers internet services infrastructure and applications* Collaborate with Ledgers security teams to enhance and refine the processes and frameworks used in improving Ledgers security posture* Be a passionate and enthusiastic defender of Ledger’s information assetsYour responsibilities
- Execution of the Security Strategy and assists development of its key artefacts including security standards, patterns and technical specifications
- Conduct threat modelling, develop requirements and provide risk based assessment of gaps as well as suggesting attendant mitigating controls
- Work multi-functionally with teams throughout Ledger on technology and initiatives to enhance security and best practices of product and service teams
- Provide direction in industry wide security technologies, standards and emergent concepts, for example: OAUTH2/OIDC, SAML, Kerberos, KMIP, FIPS, Immutability, DevSec Ops etc
- Provide technical expertise in the enhancement of Ledger’s security management capabilities: Vulnerability Management, Logging and Alerting, Code Analysis, Compliance
- Develop production infrastructure fixes to complex vulnerabilities
- Be a technical leader responsible for helping secure Ledger
Key requirements
- Bachelor’s degree in engineering, computer science, information security, or information systems, however equivalent experience in a relevant field will be valued just as strongly
- Significant Information Security / Cyber Security experience ideally with financial services exposure
- Previous experience working with distributed, dynamic, highly scalable and available architectures
- Strong understanding of software assurance methodologies and technologies, such as secure coding standards, static and dynamic analysis, SDLC and DevSecOps
- Demonstrable familiarity with cloud architectures and controls
- Strong multi OS experience
- Ability to pivot between the key security domains and communicate effectively with technical experts in those areas
- Ability to handle complex projects and competing priorities in a fast paced environment
- Demonstrable experience in persuading and communicating effectively with a broad spectrum of business stakeholders
- Relevant Certification such as: CISSP, CCSP
- Nice to have: SABSA, OSCP, TOGAF, Cloud Architect certifications
Benefits
- Join one of the fastest growing technology companies in Europe
- Competitive compensation package and ESOP according to the Company policy
- Flexible working hours, remote-friendly environment
- Strong focus on personal development including internal/external trainings and attendance to conferences
- Internal talks, technical meetups and hackathons
- High performance office equipment
- Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
- Meal Vouchers with Swile (ex Lunchr)
- Annual company outing for Ledgerdary Days plus infrequent parties, snacks and drinks
- Employee discount on Ledger products
Ledger guarantees equal opportunity for all during the recruitment process, without any distinction of gender, ethnicity, religion, sexual orientation, social status, disability or age.