Senior Security Engineer
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
A leading global cryptocurrency platform seeks an experienced independent contractor for senior-level security engineering. The role involves designing security controls, threat modeling, vulnerability management, and incident response across AWS, Kubernetes, and CI/CD pipelines.
Key Skills for This Role
Responsibilities
- Design and implement security controls across AWS, EKS/Kubernetes, CI/CD pipelines (Jenkins, GitHub Actions, ArgoCD), and AI/agentic workflows
- Deliver threat models, risk assessments, and security architecture reviews across infrastructure, applications, and AI driven systems
- Manage end to end vulnerability management across code, infrastructure, and AI generated artifacts using tools such as NewRelic, Bugsnag, and security scanners
- Develop secure coding and AI usage standards, including guardrails for LLMs, copilots, and automated workflows
- Build and operate security monitoring, alerting, and incident response capabilities, including detection of AI/agent related risks
- Evaluate and recommend security and AI tooling (SAST/DAST, SIEM, EDR, secrets management), with least privilege access and secure integrations
- Harden infrastructure and data layers (Terraform, IAM, VPC, Cloudflare, Cassandra, Kafka, Redis), including protections against unauthorised or automated actions
- Support compliance objectives (SOC 2, ISO 27001), with a focus on auditability, data protection, and governance of AI systems
- Provide security expertise across AI, cloud, and Web3 domains (smart contracts, key management, bridges)
- Advise product and blockchain teams on risk mitigation in decentralised systems
Requirements
- 5–8 years of demonstrated experience in security engineering across application, cloud, and infrastructure security
- Hands on experience securing AWS environments (IAM, VPC, EKS, S3, EC2) and Kubernetes
- Application security proficiency including OWASP Top 10, secure SDLC, code reviews, and common tooling (SAST/DAST, SIEM, secrets management)
- Strong foundation in network security, cryptography, and authentication protocols (OAuth, SAML, MFA)
- Experience with incident response, threat modelling, and frameworks such as MITRE ATT&CK
- Familiarity with compliance standards including SOC 2, ISO 27001, NIST, and GDPR
- Ability to operate independently, self manage deliverables, and maintain flexible scheduling
- Located within the APAC region with availability during agreed JST aligned collaboration windows
Full Job Posting
Role Overview
- A leading global cryptocurrency platform is seeking an experienced independent contractor to provide senior level security engineering services.
- This is a fully remote engagement. The successful candidate may be based anywhere within the APAC region.
- Collaboration windows aligned to Japan Standard Time (JST / UTC+9) are required for activities such as architecture reviews and incident response.
Scope of Services
- Design and implement security controls across AWS, EKS/Kubernetes, CI/CD pipelines (Jenkins, GitHub Actions, ArgoCD), and AI/agentic workflows.
- Deliver threat models, risk assessments, and security architecture reviews across infrastructure, applications, and AI driven systems.
- Manage end to end vulnerability management across code, infrastructure, and AI generated artifacts using tools such as NewRelic, Bugsnag, and security scanners.
- Develop secure coding and AI usage standards, including guardrails for LLMs, copilots, and automated workflows.
- Build and operate security monitoring, alerting, and incident response capabilities, including detection of AI/agent related risks.
- Evaluate and recommend security and AI tooling (SAST/DAST, SIEM, EDR, secrets management), with least privilege access and secure integrations.
- Harden infrastructure and data layers (Terraform, IAM, VPC, Cloudflare, Cassandra, Kafka, Redis), including protections against unauthorised or automated actions.
- Support compliance objectives (SOC 2, ISO 27001), with a focus on auditability, data protection, and governance of AI systems.
- Provide security expertise across AI, cloud, and Web3 domains (smart contracts, key management, bridges).
- Advise product and blockchain teams on risk mitigation in decentralised systems.
Required Expertise
- 5–8 years of demonstrated experience in security engineering across application, cloud, and infrastructure security.
- Hands on experience securing AWS environments (IAM, VPC, EKS, S3, EC2) and Kubernetes.
- Application security proficiency including OWASP Top 10, secure SDLC, code reviews, and common tooling (SAST/DAST, SIEM, secrets management).
- Strong foundation in network security, cryptography, and authentication protocols (OAuth, SAML, MFA).
- Experience with incident response, threat modelling, and frameworks such as MITRE ATT&CK.
- Familiarity with compliance standards including SOC 2, ISO 27001, NIST, and GDPR.
- Ability to operate independently, self manage deliverables, and maintain flexible scheduling.
- Located within the APAC region with availability during agreed JST aligned collaboration windows.
Additional Valued Expertise
- Professional certifications such as CISSP, OSCP, or AWS Security Specialty.
- Crypto/Web3 security knowledge including smart contracts, wallet/key management, and blockchain attack vectors.
- DevSecOps and CI/CD security integration experience.
- Experience with Cloudflare, service mesh technologies (e.g. Istio), or microservices security.
- Software engineering background in Java, Rust, or TypeScript.
- Smart contract auditing or Web3 tooling (Slither, MythX, Certora, on chain monitoring).
- Experience building or scaling a security function within a fast growing organisation.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Proof of Search
Head of Compliance
Dubai, UAE
Proof of Search is seeking a Head of Compliance & MLRO for a crypto trading platform. The role involves running the compliance and MLRO function for a regulated spot exchange and leading the application for a derivatives
Institutional Business Development
Dubai, UAE
A leading cryptocurrency exchange is seeking a Key Account Manager for Institutional BD to drive institutional growth by identifying, engaging, and onboarding high-value clients like hedge funds and asset managers. Requi