Head of Security & IT

About Gauntlet
Gauntlet leads the field in quantitative research and optimization of DeFi economics. We manage market risk, optimize growth, and ensure economic safety for protocols facilitating the majority of spot trading, borrowing, and lending activity across all of DeFi, protecting and optimizing the largest protocols and networks in the industry. As of January 2024, Gauntlet manages risk and incentives covering over $13 billion in customer TVL.
Gauntlet continually publishes cutting-edge research that informs our risk models, alerts, and analysis, and is among the most cited institution — including academic institutions — in terms of peer-reviewed papers addressing DeFi as a subject. We’re a Series B company with around 60 employees, operating remote-first with a home base in New York City.
Gauntlet’s mission is to drive adoption and understanding in the financial systems of the future. Building with decentralized systems creates novel challenges for mechanism designers, smart contract developers, and end-users of financial products, which are not seen in traditional software development and investing contexts. Gauntlet is dedicated to enhancing our industry’s understanding of this new domain, and revealing how to safely navigate the true bleeding edge of 21st-century financial innovation.
About Aera
Aera is a non-custodial, autonomous, on-chain asset management protocol that Gauntlet helped develop. Currently, Aera is focused on providing customizable, optimized treasury management solutions for DAOs. Gauntlet acts as the guardian for several core Aera strategies.
The Role
To grow our impact in the DeFi space, we are looking for a proactive and experienced Head of Security to join our team. The successful candidate will define and implement security and operational security (op-sec) policies, manage risks, ensure compliance with legal standards, and oversee the company's IT security infrastructure.

Responsibilities

• Develop and enforce comprehensive security and op-sec policies tailored to the company’s needs and those of individual teams.
• Establish policies for managing and securing custodial wallets, Aera guardian, and on-chain operations.
• Implement key management, rotation, and data retention strategies to safeguard company assets.
• Identify potential risk vectors and conduct regular risk assessments.
• Lead the organization's crisis management during security incidents.
• Continuously review and ensure compliance with operational security policies.
• Oversee internal and external Vulnerability Assessment and Penetration Testing (VAPT) processes.
• Manage and triage the company’s bug bounty programs and monitor designated security communication channels
• Oversee hardware management and provisioning, including devices like laptops using management software.
• Manage password and access controls, coordinate technological onboarding and offboarding processes, and integrate and remove team members from systems like Slack and JIRA.
• Handle vendor management to ensure all external service providers meet our security standards.
• As needed, ensure we adhere to regulatory requirements like SOC2, GDPR, and similar standards.

Qualifications

• Proven experience in a senior security management role.
• Strong understanding of security protocols, crisis management, and risk management
• Experience with IT infrastructure and vendor management.
• Familiarity with compliance and regulatory frameworks (e.g., SOC2, GDPR).
• Excellent communication and leadership skills.

Our Ideal Candidate

• Has leadership experience in data science or software engineering, preferably with knowledge in optimization theory, mechanism design, or computational economics.
• Possesses a solid mathematical and theoretical background, applicable in practical settings.
• Can simplify complex concepts into understandable ideas.
• Is effective at communicating clear goals and strategies, rallying the team, partners, and customers around shared objectives.
• Is dedicated to mentoring and supporting team development.
• Prioritizes impact and quality, aiming to make significant contributions to the DeFi landscape.

Benefits & Perks

• Remote first - work from anywhere!
• Competitive packages with the added opportunity for incentive based compensation
• Regular in-person company retreats and cross-country "office visit" perk
• 100% paid medical, dental and vision premiums for employees
• Laptop, monitor, keyboard and mouse setup provided
• $1,000 WFH stipend upon joining
• $100 per month reimbursement for fitness-related expenses
• Monthly reimbursement for home internet, phone, and cellular data
• Unlimited vacation policy
• 100% paid parental leave of 12 weeks
• Fertility benefits

Please note at this time our hiring is reserved for potential employees who are able to work within the contiguous United States and Canada. Should you need alternative accommodations, please note that in your application.
The national pay range for this role is $200,000 plus additional On Target Earnings potential by level and equity in the company. Our salary ranges are based on paying competitively for a company of our size and industry, and are one part of many compensation, benefits and other reward opportunities we provide. Individual pay rate decisions are based on a number of factors, including qualifications for the role, experience level, skill set, and balancing internal equity relative to peers at the company.  
#LI-Remote