Security Engineer & Architect

Founded in 2018 and already valued at over $8 billion, Fireblocks is a SaaS platform that helps companies to create innovative products on the blockchain and manage day-to-day crypto operations. Fireblocks is trusted by some of the largest financial institutions, banks, globally-recognized brands, and Web3 companies in the world, including BNY Mellon, BNP Paribas, ANZ Bank, Revolut, and thousands more, to securely scale digital asset operations through the Fireblocks Network and MPC-based wallet infrastructure. We have offices in New York, London, Tel Aviv, and Singapore, and we are continuing to expand our teams to reach new customers globally.

Position Summary

As a Hands-On Security Engineer & Architect at Fireblocks, you will play a pivotal role in safeguarding our organization's digital assets and ensuring the integrity, confidentiality, and availability of our sensitive data. You will be responsible for designing, implementing, and managing security solutions, frameworks, and strategies to protect our systems, data, and infrastructure from cyber threats and vulnerabilities. This role requires a deep understanding of security best practices, emerging threats, and the ability to collaborate with cross-functional teams to implement security measures effectively.

Key Responsibilities

Security Strategy and Planning:

• Develop and maintain the organization's security strategy, policies, and procedures.
• Collaborate with leadership to align security initiatives with business objectives.
  
  

• Design, implement, and maintain a robust and comprehensive security architecture within our corporate environment including endpoint, network, email, data, IAM, 3rd party SaaS, data warehouse, and self-hosted environments.
• Ensure the security architecture aligns with industry standards and regulatory requirements.
  
  

• Identify and assess security risks, threats, and vulnerabilities.
• Develop and implement risk mitigation strategies and controls.
• Monitor and report on the security posture of the organization.
  
  

• Evaluate and implement security technologies, tools, and products.
• Manage, monitor, and maintain our security products, including email security, EDRs, NDRs, SSPM, DSPM, SSE, identity and access management, and more.
• Establish automation-based workflows to leverage the various security solutions efficiently.
  
  

• Ensure corporate technologies (SaaS, self-hosted, data warehouses, etc.) are implemented with a proper security layer. This includes relevant configuration and hardening, IAM, user management & authorization, data security, product-specific best practices, and more.
  
  

• At least 3 years of experience in security architecture and cyber security; consultancy experience is a plus.
• Proficiency in developing risk-based long and short-term strategic plans and roadmaps, with a proven track record of hands-on execution.
• Bachelor's degree in Computer Science or a related field.
• Experience with simplifying processes by automation and scripts.
• Industry certifications, such as CISSP, CISM, or CISA, are a plus.
• Comprehensive understanding of Information security standards, regulations, and frameworks (e.g. ISO 27001, NIST CSF, and Cyber Essentials)
• Strong knowledge of security principles, technologies, and best practices.
• Proficiency in risk assessment; incident response or offensive background is a plus.
• Excellent communication and collaboration skills
• Strong problem-solving and analytical abilities.