Head of Security & IT
New York
Gauntlet Networks
Gauntlet leads the field in quantitative research and optimization of DeFi economics. We manage market risk, optimize growth, and ensure economic safety for protocols facilitating the majority of spot trading, borrowing, and lending activity across all of DeFi, protecting and optimizing the largest protocols and networks in the industry. As of January 2024, Gauntlet manages risk and incentives covering over $13 billion in customer TVL.
Gauntlet continually publishes cutting-edge research that informs our risk models, alerts, and analysis, and is among the most cited institutions (including academic institutions) in terms of peer-reviewed papers addressing DeFi as a subject. We’re a Series B company with around 60 employees, operating remote-first with a home base in New York City.
Gauntlet’s mission is to drive adoption and understanding in the financial systems of the future. Building with decentralized systems creates novel challenges for mechanism designers, smart contract developers, and end-users of financial products, which are not seen in traditional software development and investing contexts. Gauntlet is dedicated to enhancing our industry’s understanding of this new domain, and revealing how to safely navigate the true bleeding edge of 21st-century financial innovation.
About Aera
Aera is a non-custodial, autonomous, on-chain asset management protocol that Gauntlet helped develop. Currently, Aera is focused on providing customizable, optimized treasury management solutions for DAOs. Gauntlet acts as the guardian for several core Aera strategies.
The Role
To grow our impact in the DeFi space, we are looking for a proactive and experienced Head of Security to join our team. The successful candidate will define and implement security and operational security (op-sec) policies, manage risks, ensure compliance with legal standards, and oversee the company's IT security infrastructure.
Responsibilities
- Develop and enforce comprehensive security and op-sec policies tailored to the company’s needs and those of individual teams.
- Establish policies for managing and securing custodial wallets, Aera guardian, and on-chain operations.
- Implement key management, rotation, and data retention strategies to safeguard company assets.
- Identify potential risk vectors and conduct regular risk assessments.
- Lead the organization's crisis management during security incidents.
- Continuously review and ensure compliance with operational security policies.
- Oversee internal and external Vulnerability Assessment and Penetration Testing (VAPT) processes.
- Manage and triage the company’s bug bounty programs and monitor designated security communication channels.
- Oversee hardware management and provisioning, including devices like laptops, using management software.
- Manage password and access controls, coordinate technological onboarding and offboarding processes, and integrate and remove team members from systems like Slack and JIRA.
- Handle vendor management to ensure all external service providers meet our security standards.
- As needed, ensure we adhere to regulatory requirements like SOC2, GDPR, and similar standards.
Qualifications
- Proven experience in a senior security management role.
- Strong understanding of security protocols, crisis management, and risk management.
- Experience with IT infrastructure and vendor management.
- Familiarity with compliance and regulatory frameworks (e.g., SOC2, GDPR).
- Excellent communication and leadership skills.
Our Ideal Candidate
- Has leadership experience in data science or software engineering, preferably with knowledge in optimization theory, mechanism design, or computational economics.
- Possesses a solid mathematical and theoretical background, applicable in practical settings.
- Can simplify complex concepts into understandable ideas.
- Is effective at communicating clear goals and strategies, rallying the team, partners, and customers around shared objectives.
- Is dedicated to mentoring and supporting team development.
- Prioritizes impact and quality, aiming to make significant contributions to the DeFi landscape.
Benefits & Perks
- Remote first - work from anywhere!
- Competitive packages with the added opportunity for incentive-based compensation
- Regular in-person company retreats and cross-country "office visit" perk
- 100% paid medical, dental and vision premiums for employees
- Laptop, monitor, keyboard and mouse setup provided
- $1,000 WFH stipend upon joining
- $100 per month reimbursement for fitness-related expenses
- Monthly reimbursement for home internet, phone, and cellular data
- Unlimited vacation policy
- 100% paid parental leave of 12 weeks
- Fertility benefits
The national pay range for this role is $200,000 plus additional On Target Earnings potential by level and equity in the company. Our salary ranges are based on paying competitively for a company of our size and industry, and are one part of many compensation, benefits and other reward opportunities we provide. Individual pay rate decisions are based on a number of factors, including qualifications for the role, experience level, skill set, and balancing internal equity relative to peers at the company.