Senior-Lead Security Engineer

Cube Group, Inc.

Cube Group, Inc.

Posted on Saturday, June 22, 2024

About Cube Group, Inc.:

Cube is a pioneering start-up that's reshaping the digital asset trading landscape. By merging the best features of both centralized and decentralized platforms, we're crafting a user-centric marketplace that champions transparency, security, and speed. As we address the challenges of traditional exchanges and DeFi, our vision is to be the preferred digital asset marketplace for a diverse range of clients.

Position Overview:

You'll work closely with our talented engineering team to design and implement a comprehensive security program to enhance the posture of critical systems that power Cube. You will take the lead in designing, implementing, and managing the processes, policies, and tools across multiple domains including Operations and Governance, Risk, and Compliance (GRC). If you're a proactive and experienced engineer who thrives on responsibility and is eager to contribute to a revolutionary digital asset platform, we'd love to hear from you.

Key Responsibilities:

  • Develop, implement, and enforce information security policies and procedures.
  • Ensure compliance with relevant regulations and industry standards (e.g., SOC2, ISO 27001, CIS, PCI-DSS).
  • Maintain and manage the risk register, identifying and mitigating risks to the organization’s information assets.
  • Manage internal and external audits to ensure compliance with regulatory requirements and industry standards.
  • Develop and lead incident response plans, containment efforts, and damage mitigation strategies.
  • Implement end-user device management, ensuring secure configuration and maintenance of laptops, mobile, and other devices.
  • Conduct regular vulnerability scanning and oversee the timely patching and remediation of identified vulnerabilities across systems, applications, and networks.
  • Implement advanced EDR/XDR technologies to enhance threat detection and incident response capabilities.
  • Develop and implement a bug bounty program.
  • Evaluate and deploy security technologies and solutions as needed to enhance our security posture.

Qualifications:

  • Strong knowledge of security principles, best practices, and technologies.
  • Strong understanding of governance, risk, and compliance frameworks and methodologies.
  • Experience with MDM, EDR/XDR, vulnerability scanning, penetration testing, SIEM, and other standard security technologies.
  • Relevant certifications (e.g., CISSP, CISM, CEH, GIAC/GSE)

Preferred Qualifications:

  • Bachelor's degree in Computer Science, Engineering, or a related field.
  • Experience with SOC2, ISO 27001, and PCI compliance preparation and audit management.

Personal Attributes:

  • Curious and eager to learn.
  • Team player with a collaborative mindset.
  • Detail-oriented and committed to quality.
  • Adaptable and thrives in a fast-paced environment.
  • Proactive and takes initiative.

What's in it for you?

  • Opportunity to work on groundbreaking projects in the digital asset space.
  • Collaborative and innovative work environment.
  • Competitive salary and benefits.
  • Growth and learning opportunities.

Cube Group, Inc. is an equal opportunity employer dedicated to fostering a diverse and inclusive workforce. We warmly welcome candidates from all backgrounds to apply.

Salary Range: The expected salary range for this position is competitive and commensurate with experience.

Application Process: Interested candidates are invited to send their resume, along with any relevant project links or portfolios, to [email protected]

Join us and be a part of the future of digital asset trading!