IT Security Engineer
Posted on 2/16/2023

11-50 employees

Smart contract development security platform
Company Overview
OpenZeppelin’s mission is to provide security solutions for the decentralized ecosystem, and the Ethereum blockchain which faces the challenge of being able to scale while remaining decentralized, secure, and affordable for users. The company is committed to protecting the open economy, OpenZeppelin safeguards tens of billions of dollars in funds for leading crypto organizations including Coinbase, Ethereum Foundation, and many others.
London, UK • Remote
Experience Level
Desired Skills
Development Operations (DevOps)
DevOps & Infrastructure
  • 3 to 5 years of IT security, application and cloud security experience
  • Experience designing and implementing IT security controls in general and in AWS cloud in particular
  • Experience with DevSecOps and Agile methodologies
  • Proven experience building productive relationships with internal teams and partners
  • Curiosity and research skills to find IT and security solutions for our business needs
  • Excellent verbal and written communication skills to effectively exchange ideas and information with other teams and to provide assistance for IT and security matters
  • Guide the DevOps team to implement cloud security and compliance controls
  • Partner with development teams to design, implement and enhance security best practices in the SDLC and our software offerings
  • Create and maintain IT and cloud security policies
  • Work alongside other security team members to implement and maintain company-wide security best practices of all IT infrastructure including applications and endpoints devices
  • Support systems access provisioning and deprovisioning as well as onboarding and offboarding activities
  • Execute internal IT risk assessments and third-party risk assessments, as well as support the remediation of the findings
  • Assist with SOC 2 internal audits
  • Review periodically the security configurations of our systems
  • Learn new concepts, skills, and technologies to propose and implement new IT and security solutions
Desired Qualifications
  • Understanding of APIs and how to develop automation utilizing API functionality of tools and solutions
  • Previous experience with Disaster Recovery Planning and Incident Response
  • Previous experience managing Google Workspace environments
  • Security certifications, such as CISSP, CISM, or GIAC certifications
  • Knowledge of or exposure to common information security management frameworks, such as ISO/IEC 27001, NIST 800-53, NIST Cybersecurity Framework, CIS controls, or SOC 2 Type 2 reports and audit processes
  • Exposure to Blockchain / Web3 technologies and infrastructure