IT Security Engineer - South America

Remote - Buenos Aires

OpenZeppelin

The standard for secure blockchain applications

View company page

About us

Founded in 2015, OpenZeppelin is the premier crypto cybersecurity technology and services company, trusted by the most used DeFi and NFT projects in the world.

Our mission is to protect the open economy, safeguarding tens of billions of dollars in funds for leading crypto organizations including Aave, Coinbase, Compound, Ethereum Foundation, TheGraph and many others.

The OpenZeppelin team, spread across 30+ countries in the world, is responsible for creating the most popular Open Source Library for Smart Contract development in the world with over 15 million downloads! The expertise we've built along the years allowed us to uncover major security vulnerabilities for some of the most well known players in the market.

With the success of our products, our security audit work, and the open source educational efforts, we are setting the industry standards for secure systems of a hyper-fast-growing industry and we're looking for more folks to help us on our mission.

The IT & Security team ❤️

The IT & Security team at OpenZeppelin is responsible for the planning, execution, and delivery of the IT & Information Security Program that supports OpenZeppelin processes, technologies, products, and customers. The team manages the company’s IT and Security Operations, leads Governance Risk and Compliance initiatives, and supports Product Security activities and processes, led by the Head of IT & Security.

What you'll be doing 

  • Create and maintain IT and cloud security policies.
  • Guide the DevOps team to implement cloud security and compliance controls.
  • Partner with development teams to design, implement and enhance security best practices in the SDLC and change management processes.
  • Work alongside other security team members to implement and maintain company-wide security best practices of all IT infrastructure including applications and endpoints devices.
  • Support systems access provisioning and deprovisioning as well as onboarding and offboarding activities.
  • Execute internal IT risk assessments and support the remediation of the findings.
  • Execute third-party risk assessments.
  • Assist with SOC 2 internal audits.
  • Review periodically the security configurations of our systems.
  • Learn new concepts, skills, and technologies to propose and implement new IT and security solutions.
  • Assist with IT and security requests.

You have 

  • 3 to 5 years of IT security and cloud security experience.
  • Experience designing and implementing IT security controls in general and in AWS cloud in particular.
  • Experience with automating processes and/or security controls.
  • Experience with DevOps, DevSecOps, and Agile methodologies.
  • Proven experience building productive relationships with internal teams and partners.
  • Curiosity and research skills to find IT and security solutions for our business needs..
  • Excellent verbal and written communication skills to effectively exchange ideas and information with other teams and to provide assistance for IT and security matters.

Nice to have

  • Knowledge of or exposure to common information security management frameworks, such as ISO/IEC 27001, NIST 800-53, NIST Cybersecurity Framework, CIS controls, or SOC 2 Type 2 reports and audit processes.
  • Previous experience with Disaster Recovery Planning and Incident Response.
  • Understanding of APIs and how to develop automation utilizing API functionality of tools and solutions.
  • Previous experience managing Google Workspace environments.
  • Github experience.
  • Security certifications, such as CISSP, CISM, or GIAC certifications.
  • Experience with cryptocurrencies or decentralized finance.
  • Exposure to Blockchain / Web3 technologies and infrastructure.

Logistics

Our interview process takes place on Zoom and tends to consist of the following stages:

  • Recruiter call (45 minutes)
  • Hiring Manager call (45 minutes)
  • Team member interview (1 hour)
  • Leadership call (30 minutes)
  • Paid work test
  • Reference checks

Please let us know if you require any accommodations for the interview process, and we’ll do our best to provide assistance.

Benefits

  • Unlimited holidays 🏝
  • Fully remote: your way of working 🌎
  • Paid parental leave & benefits for primary or second caregiver 💙
  • Team events: onboarding tour & company retreats in different locations around the world 😎
  • Work from home office equipment stipend of up to $500 USD 🪑
  • Monthly allowance for wellness activities 💪
  • Coworking: access to a coworking space of your choice 👩‍💻
  • Learning: technical training; spoken language lessons in any language of your choice (using Italki) 🗣
  • Working with a global team in a fast-growing industry 🚀

 

At OpenZeppelin, we are an equal opportunity employer and we value different perspectives. We are committed to building a diverse workforce. This includes but is not limited to gender, race, sexual orientation, religion, national origin and other characteristics that make each one of us unique. In this uniqueness, we find the most value. Come join us!

 

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Agile APIs Audits Automation AWS Blockchain CISM CISSP Cloud Compliance Crypto DevOps DevSecOps Finance GIAC GitHub Governance Incident response IT infrastructure NIST NIST 800-53 Open Source Product security Risk assessment SDLC SOC SOC 2 Vulnerabilities

Perks/benefits: Career development Gear Home office stipend Parental leave Team events Wellness

Regions: Remote/Anywhere South America
Country: Argentina
Job stats:  10  2  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.