Lead Security Architect

Skills

About the Role

You will own and elevate security across the organisation. You will define security strategy, identify and mitigate risks, and strengthen security practices across infrastructure, applications, internal systems, and employee devices. You will run security reviews, lead audits and certifications, embed Secure SDLC practices into engineering workflows, implement security tooling and automation, establish monitoring and incident response processes, and build a security awareness and training programme. You will apply Web3 and AI security expertise to identify emerging threats, review architectures and tools for security risks, and ensure findings drive action. You will coordinate with external auditors and security firms and translate regulatory requirements into practical controls.

Requirements

• Proven experience owning or leading a security function
• Background in security engineering or architecture
• Experience building or maturing security programmes in fast-moving engineering organisations
• Experience in a Web3 or payments fintech environment
• Solid knowledge of SOC 2, ISO 27001, DORA, MiCA, the EU AI Act, and NIS2
• Experience guiding organisations through certification and audit processes end-to-end
• Ability to translate regulatory and compliance requirements into practical internal programmes and controls
• Strong understanding of modern application security practices
• Experience with security reviews, threat modelling, and vulnerability management
• Familiarity with cloud infrastructure security and developer tooling
• Understanding of AI security risks and emerging attack vectors
• Experience managing or mentoring security teams

Responsibilities

• Own company-wide security and compliance
• Lead security efforts across infrastructure, applications, internal systems, and employee devices
• Identify risks and vulnerabilities and ensure they are addressed
• Establish scalable security processes and best practices
• Own compliance posture and drive progress against target frameworks
• Coordinate and lead external audits and relationships with security firms
• Define and run security reviews and certifications end-to-end
• Define and own the Secure SDLC and integrate security into development
• Perform threat modelling and vulnerability management
• Define and deliver security awareness and training programmes
• Implement security tooling, monitoring, and incident response processes
• Apply Web3 security practices and mitigate smart contract and on-chain risks
• Identify and mitigate AI-related security risks

Benefits

• Annual team offsites
• 30 days of paid time off
• Flexible remote days
• Flexible working hours
• Equity participation from day one
• Company-provided work computer (choice of equipment)
• Annual €1,000 personal development budget after 6 months (pro-rated first year)
• One-time €1,000 remote budget for coworking or office setup