Associate Security Architect

The CoinDCX Journey: Building Tomorrow, Today At CoinDCX, we believe ‘CHANGE STARTS TOGETHER’. You are the driving force that will help us make Web3 accessible to all. In the last six years, we have skyrocketed from being India’s first crypto unicorn to carrying a community of over 125 million with us. To continue maximising the adoption and acceleration of Web3, we are now focused on developing cutting-edge products, addressing accessibility and security challenges, and bridging the gap between people and Web3 technologies. While we go ahead and keep dominating the Web3 world, we would like to HODL you on our team Join our team of passionate innovators who are breaking barriers and building the future of Web3. Together, we will make the complex simple, the inaccessible accessible, and the impossible possible. Boost your innovation to an ALL TIME HIGH with us Inside CoinDCX’s IT Team Our IT team ensures that CoinDCX’s technological infrastructure is robust, reliable, and secure. We manage everything from network security to user support, enabling all teams to work efficiently. If you’re a tech-savvy problem solver with a passion for IT, join us in keeping CoinDCX’s operations running smoothly and securely. You need to be a HODLer of these
- Bachelor’s degree in computer science or related field
- 10+ years of experience in Information security and related domain
- 3+ years of experience in security architecture and security solution engineering
- Strong understanding of cryptographic algorithms and protocols used in blockchain, such as hashing functions, public-key cryptography, and zero-knowledge proofs.
- Experience in architecting and solving security problems
- Experience with driving Secure SDLC activities, DevSecOps (CI/CD), and agile software development practices
- Knowledge of Security Integration into CI/CD and experience in driving CI/CD adaptation for Security controls
- Sound understanding of security by design principles and architecture-level security concepts
- Strong leadership skills and the ability to coach and mentor other members of the Product Security teams
- Experience with penetration testing methodologies and tools including security analysis, audits, and reviews
- Knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities
- Sound knowledge of OWASP Top 10 and SANS 25
- Must have Knowledge and experience with security standards such as CCSS (CryptoCurrency Security Standard), NIST, ISO 27001/2, CSA, SOC 1&2, and CIS
- CISSP, TOGAF/SABSA, or Cloud security certifications are preferred
- Ability to convey security concepts to both technical and non-technical audiences
- Flexible, adaptable, and able to manage multiple tasks in a dynamic, fast-paced environment
- Excellent written and verbal communication skills, interpersonal and presentation skills, and the proven ability to influence and communicate effectively
- Excellent business acumen and a commercial outlook You will be mining through these tasks
- Performs security design and architecture reviews for the existing, and future implementations and new features, and provides recommendations to reduce the risks in Web 3.0 & Web 2.0 layers
- Proactively drive the security requirements phase along with the product and engineering teams, and develop security requirements focused on blockchain and Web3 ecosystems
- Stay informed about emerging threats and vulnerabilities specific to blockchain and Web3 technologies
- Develop and execute incident response plans tailored to the unique security challenges of decentralised environments.
- Implement and manage cryptographic protocols to ensure the security of data and transactions within blockchain systems.
- Develop strategies for secure key management, including private key protection, multi-signature and multi-party computation solutions.
- Ensure that blockchain and Web3 implementations comply with relevant regulations and industry standards
- Bridge the gap between traditional Web2 security practices and Web3 technologies to ensure a cohesive security strategy.
- Develop and implement security policies that address both centralized and decentralized components of the company’s infrastructure
- Develop and review threat models and security risk assessments to identify risks and drive mitigations
- Continuously review and align the secure development lifecycle to industry standards, including Microsoft SDL, OWASP development guides, and privacy-related guides
- Work collaboratively with the development and scrum teams to strengthen the existing software development lifecycle and standardize the secure development process across the company
- Review of cloud and physical infrastructure and their threat landscape to ensure ongoing and continued implementation of adequate security controls. Are you the one? Our missing block You are knowledge-hungry when it comes to VDA and Web3, always eager to dive deeper and stay ahead in this evolving sp