Security Specialist – Web3 / SaaS / DeFi | Fully Remote
With a rapidly growing international team and a mission to democratise access to next-gen finance and technology, this organisation is building a pioneering SaaS platform alongside their established ecosystem. Now, they’re looking for a Security Specialist to fortify and scale their operational security frameworks across their infrastructure.
The Role
You’ll play a critical role in developing and enhancing the security infrastructure for both core platforms and a newly launched SaaS venture. This is a hands-on, high-impact role ideal for candidates with a strong foundation in cybersecurity who thrive in agile, fast-moving environments.
Working cross functionally with engineering, compliance, operations, and product teams, your mission will be to ensure the confidentiality, integrity, and availability of systems, data, and customer assets.
Key Responsibilities
Operational & Technical Security
- Monitor, investigate, and respond to security events across systems, cloud platforms, and internal tools.
- Deploy and manage security tools: SIEM, IDS/IPS, endpoint protection, vulnerability scanners, logging infrastructure.
- Conduct vulnerability assessments and coordinate remediation.
- Maintain secure configuration baselines across infrastructure and cloud services.
- Enforce Data Loss Prevention (DLP) policies and monitor data movement across environments.
- Map internal and external data flows across APIs, systems, and SaaS applications.
Cloud Security
- Secure cloud environments (AWS preferred), including encryption strategies and cloud-native tools.
- Manage network segmentation, access policies, and secrets management.
Risk Management & Compliance
- Support GDPR, SOC 2, ISO 27001, and crypto-specific compliance.
- Maintain and enforce internal security policies and procedures.
- Collaborate with privacy and governance teams to align frameworks.
Access & Identity Management
- Lead access control practices including IAM, RBAC, least-privilege models, MFA, and anomaly detection.
- Conduct access audits and privilege reviews.
- Maintain robust audit logging and behavioural monitoring.
Security Culture & Awareness
- Deliver training, simulations, and awareness programs.
- Run phishing and social engineering prevention initiatives.
Incident Response
- Lead the full incident response lifecycle: detection through post-mortem.
- Maintain and iterate incident playbooks and run regular tabletop exercises.
Secure Development & SaaS Security (Bonus)
- Partner with engineering to embed security into product development.
- Conduct security reviews, code analysis, and threat modelling.
What We’re Looking For
Must-Have
- 3+ years of experience in cybersecurity, information security, or security operations.
- Proficiency in Data Loss Prevention (DLP) and data classification tools.
- Strong data flow mapping capabilities.
- Solid cloud security expertise (AWS preferred).
- In-depth understanding of IAM, RBAC, MFA, and security monitoring.
- Experience with SIEM tools, endpoint protection, and vulnerability management.
- Incident response expertise and knowledge of common threat models (e.g., MITRE ATT&CK).
- Familiarity with GDPR, SOC 2, or other data protection regulations.
- Clear communicator able to bridge technical and non-technical stakeholders.
Nice-to-Have
- Background in fintech, blockchain, or DeFi.
- Knowledge of cryptography, wallets, smart contracts, or key management.
- Security certifications (e.g., Security+, OSCP, GCIH, CCSP).
- Scripting experience for automating security processes.
- Exposure to ISO 27001 or SOC 2 Type II frameworks.
What’s on Offer
- Competitive salary
- Flexible 40-hour workweek
- Unlimited paid time off
- Remote-first culture – work from anywhere
- Team off-sites and international events
If you’re passionate about security and excited by the opportunity to help scale a truly innovative platform in the Web3 space, we’d love to hear from you. Apply now to learn more and take the next step in your cybersecurity career.