About the Company
A leading real-world asset (RWA) tokenization platform, renowned for its unmatched focus on regulatory standards and advanced financial technology. Founded in 2022, the company bridges traditional and decentralized finance by providing, through its regulated entities in two offshore jurisdictions, secure, transparent, and compliant on-chain access to tokenized RWA. The firm is tokenizing global finance with a core focus on compliance and innovation.


About the Role
We are seeking an IT Security Lead to oversee and enhance security across cloud infrastructure, internal systems, and digital asset operations, aligned with regulatory standards for TRM and Cyber Security. This is a hands-on individual contributor role, focused on the design, implementation, and ongoing management of security controls. The successful candidate will work closely with Engineering to ensure secure system design and operations, and partner with the CRO and CISO on risk, governance, and security oversight.


What We Offer

  • A chance to directly contribute to the success and growth of one of the most reputable and regulated RWA tokenization platforms in the space, with a proven commercial track record
  • Supportive culture that values clear communication and high-quality execution
  • Competitive compensation
  • Eligibility to participate in the Employee Stock Option Scheme and token incentive allocation
  • Flexible work arrangements


Responsibilities

  • Own and maintain security controls across AWS (IAM, access, logging, network security)
  • Identify and remediate threats, vulnerabilities, misconfigurations, and access risks across systems
  • Maintain and actively manage the Technology Risk Management (TRM) register, including risk identification, tracking, and remediation
  • Act as the security gatekeeper, performing security reviews of all new features, smart contract integrations, and system architectures prior to launch
  • Act as the primary owner of security vendors (MSSP, monitoring tools, Web3 security providers), ensuring effective coverage and response capability
  • Monitor system health, investigate security alerts, and lead incident response, including coordination with internal teams and external providers for containment, recovery, and escalation
  • Design and maintain institutional-grade wallet and transaction security controls, ensuring the integrity of minting and redemption processes
  • Lead third-party and vendor risk reviews, including technical due diligence for integrations, web3 protocols, and service providers
  • Support the testing and continuous improvement of disaster recovery and resilience processes
  • Maintain and enhance recovery procedures for critical systems


We Are Looking For Someone Who

  • 5–8 years in IT security, security engineering, or DevSecOps, with at least 2–3 years specifically within crypto or a web3-native environment
  • Experience working within a regulated environment (e.g. MAS, BMA, FCA, SEC) preferred
  • Strong hands-on experience in cloud security (AWS preferred: IAM, logging, networking)
  • Strong understanding of blockchain security fundamentals (Ethereum/EVM, smart contract vulnerabilities, and oracle risks)
  • Hands-on builder, can design and implement independently
  • Experience working with or managing external security vendors
  • Experience in startups / fast-moving environments


Preferred Qualifications

  • Familiarity with custody providers (e.g. Fireblocks)
  • Experience supporting audits (ISO / SOC2)