Head of Custody Security
Crypto.com
full-time
Posted on:
Location Type: Hybrid
Location: Amsterdam • 🇳🇱 Netherlands
Visit company websiteJob Level
Lead
Tech Stack
AWSAzureCloudGoogle Cloud PlatformWeb3
About the role
- Conduct, design, and implement testing of security controls covering identity management, key management, and infrastructure (network and cloud) configurations.
- Support client assurance activities, including responding to Requests for Proposals (RFPs), Requests for Information (RFIs), and Due Diligence Questionnaires (DDQs).
- Identify and analyze trends in client inquiries and provide feedback to internal teams to improve documentation and control readiness.
- Perform security due diligence and ongoing monitoring for Web3/blockchain vendors, including assessing their control maturity, reviewing SOC reports and security documentation, and identifying residual risks.
- Facilitate external audit activities, including coordination of walkthroughs, evidence collection, and response tracking.
- Identify and analyze gaps in current and new processes, then develop and track remediation recommendations to completion (e.g., onboarding flow).
- Develop and maintain understanding of applicable financial regulatory security requirements and ensure alignment of controls.
- Research and share information security best practices, emerging threats, and mitigation strategies with internal teams.
- Evaluate and propose next-generation security tools, automation, and technologies to enhance overall security posture.
- Review blockchain network or protocol upgrades for their potential security impact on the platform.
Requirements
- At least 8 years of relevant experience in security assurance, audit, compliance, or cloud security engineering.
- Demonstrated experience testing and validating security controls across IAM, key management, and network/cloud environments.
- Strong understanding of Identity and Access Management (IAM) principles.
- Knowledge of cryptographic key management, HSMs, and KMS systems.
- Solid grasp of cloud and network security architecture and configuration.
- Proven experience supporting SOC 1, SOC 2, ISO 27001, PCI DSS, or similar external audits and assessments.
- Exposure to major cloud platforms (AWS, GCP, Azure) and infrastructure-as-code.
- Experience in preparing client assurance materials, RFP/RFI/DDQ responses, and evidence documentation.
- Familiarity with blockchain platforms or digital asset custody systems is advantageous.
- Can work independently and under pressure.
- Excellent verbal and written communication skills
- Pragmatic and solution-oriented approach, ability to balance security requirements with operational feasibility and business needs.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
security controls testingidentity managementkey managementcloud security engineeringnetwork security architectureSOC 1SOC 2ISO 27001PCI DSSinfrastructure-as-code
Soft skills
communication skillsindependent workability to work under pressuresolution-oriented approachanalytical skillsfeedback provisionremediation trackingclient assurance supportdocumentation improvementtrend analysis