Staff Security Engineer

Role Overview

As a Staff Security Engineer, you will be responsible for ensuring the secure operation of our user-facing application and cloud infrastructure. Initially, you will concentrate on security for our staking offering, including key management, infrastructure hardening, and compliance readiness. Over time, your responsibilities will expand to cover the full application and data analytics platform. In addition to hands-on implementation, you will play a key role in shaping the organization's long-term security vision. Your primary focus will be on defensive security, and you will collaborate closely with DevOps, SREs, and other engineering teams to maintain and continuously improve our security posture.

You can be located anywhere in Europe or Asia, as our work is 100% online. The position is full-time.

Responsibilities

• Infrastructure and network security
  • Take ownership of and actively implement baseline cloud, container, and application security standards, ensuring they are integrated into our stack, including regular use of vulnerability scanning tools.
  • Harden bare-metal servers and deploy security tooling (e.g., AV/EDR, IDS/IPS, DLP, Logging & Monitoring), taking a hands-on role in the setup and maintenance.
  • Collaborate with external providers to plan and oversee penetration tests, ensuring identified vulnerabilities are prioritized and addressed.
• Blockchain security
  • Actively improve key management processes, focusing on protecting high-risk blockchain keys with Hardware Security Modules (HSMs) or equivalent solutions.
  • Proactively monitor and assess blockchain-exposed surfaces, personally reviewing internal and external endpoints for exploitable vulnerabilities.
  • Collaborate with external providers to plan and oversee security audits and reviews of smart contracts and blockchain components, ensuring actionable improvements are identified and addressed.
• Compliance
  • Collaborate with teams to maintain clear, up-to-date security documentation, including reference architectures and operational procedures.
  • Personally implement security architecture, methods, and controls required to meet compliance and audit requirements, ensuring execution is prioritized.
• Incident response
  • Lead the investigation, containment, and resolution of security incidents, taking a proactive, hands-on approach.
  • Conduct detailed postmortems to identify root causes and establish preventive measures.

Requirements

• Deep familiarity with key management best practices and encryption fundamentals.
• Strong understanding of defensive security tools and methodologies, including their practical application in dynamic environments.
• Proven experience implementing and maintaining security systems, such as SIEM, endpoint protection, network detection, vulnerability scanning, and cloud security tooling.
• Understanding of blockchain security, including securing blockchain systems, assessing smart contracts, and implementing robust key management processes.
• Familiarity with vulnerability scanning tools, penetration testing and code audit processes.
• Excellent communication and technical documentation skills.
• Familiarity with compliance frameworks and certification processes is a plus.
• Have an AI-first mindset. At Nansen, AI is not just a tool - it's a mindset. Ideal candidates are those who enthusiastically embrace AI tools and techniques to streamline processes and elevate outcomes.

What We Offer

• Competitive salary and generous equity.
• Remote work environment with a flexible schedule.
• A team that values learning and is willing to test and adopt innovative solutions (including AI)
• A company culture that values speed, ownership, curiosity, simplicity, transparency and courage.
• Opportunities for personal and professional growth as the company scales
• Exposure to a global network of industry experts, partners and influencers.